Warning: Permanently added '2620:52:3:1:dead:beef:cafe:c198' (ED25519) to the list of known hosts. INFO: Reading stdout from command: md5sum pysaml2-7.4.2.tar.gz Running (timeout=18000): unbuffer mock --spec /var/lib/copr-rpmbuild/workspace/workdir-rj7kgvy0/python-pysaml2/python-pysaml2.spec --sources /var/lib/copr-rpmbuild/workspace/workdir-rj7kgvy0/python-pysaml2 --resultdir /var/lib/copr-rpmbuild/results --uniqueext 1731577445.236555 -r /var/lib/copr-rpmbuild/results/configs/child.cfg INFO: mock.py version 5.9 starting (python version = 3.12.1, NVR = mock-5.9-1.fc39), args: /usr/libexec/mock/mock --spec /var/lib/copr-rpmbuild/workspace/workdir-rj7kgvy0/python-pysaml2/python-pysaml2.spec --sources /var/lib/copr-rpmbuild/workspace/workdir-rj7kgvy0/python-pysaml2 --resultdir /var/lib/copr-rpmbuild/results --uniqueext 1731577445.236555 -r /var/lib/copr-rpmbuild/results/configs/child.cfg Start(bootstrap): init plugins INFO: tmpfs initialized INFO: selinux enabled INFO: chroot_scan: initialized INFO: compress_logs: initialized Finish(bootstrap): init plugins Start: init plugins INFO: tmpfs initialized INFO: selinux enabled INFO: chroot_scan: initialized INFO: compress_logs: initialized Finish: init plugins INFO: Signal handler active Start: run INFO: Start(/var/lib/copr-rpmbuild/workspace/workdir-rj7kgvy0/python-pysaml2/python-pysaml2.spec) Config(fedora-rawhide-x86_64) Start: clean chroot Finish: clean chroot Mock Version: 5.9 INFO: Mock Version: 5.9 Start(bootstrap): chroot init INFO: mounting tmpfs at /var/lib/mock/fedora-rawhide-x86_64-bootstrap-1731577445.236555/root. INFO: calling preinit hooks INFO: enabled root cache INFO: enabled package manager cache Start(bootstrap): cleaning package manager metadata Finish(bootstrap): cleaning package manager metadata INFO: Guessed host environment type: unknown INFO: Using bootstrap image: registry.fedoraproject.org/fedora:rawhide INFO: Pulling image: registry.fedoraproject.org/fedora:rawhide INFO: Copy content of container registry.fedoraproject.org/fedora:rawhide to /var/lib/mock/fedora-rawhide-x86_64-bootstrap-1731577445.236555/root INFO: Checking that registry.fedoraproject.org/fedora:rawhide image matches host's architecture INFO: mounting registry.fedoraproject.org/fedora:rawhide with podman image mount INFO: image registry.fedoraproject.org/fedora:rawhide as /var/lib/containers/storage/overlay/5347917ae9d729c2f508e336708d4950b8627ff5f9468c4f4fd9a9786b2bbf71/merged INFO: umounting image registry.fedoraproject.org/fedora:rawhide (/var/lib/containers/storage/overlay/5347917ae9d729c2f508e336708d4950b8627ff5f9468c4f4fd9a9786b2bbf71/merged) with podman image umount INFO: Package manager dnf5 detected and used (fallback) INFO: Not updating bootstrap chroot, bootstrap_image_ready=True Start(bootstrap): creating root cache Finish(bootstrap): creating root cache Finish(bootstrap): chroot init Start: chroot init INFO: mounting tmpfs at /var/lib/mock/fedora-rawhide-x86_64-1731577445.236555/root. INFO: calling preinit hooks INFO: enabled root cache INFO: enabled package manager cache Start: cleaning package manager metadata Finish: cleaning package manager metadata INFO: enabled HW Info plugin INFO: Package manager dnf5 detected and used (direct choice) INFO: Buildroot is handled by package management downloaded with a bootstrap image: rpm-4.20.0-1.fc42.x86_64 rpm-sequoia-1.7.0-2.fc41.x86_64 dnf5-5.2.7.0-1.fc42.x86_64 dnf5-plugins-5.2.7.0-1.fc42.x86_64 Start: installing minimal buildroot with dnf5 Updating and loading repositories: fedora 100% | 1.0 MiB/s | 27.6 KiB | 00m00s Copr repository 100% | 10.9 KiB/s | 1.5 KiB | 00m00s Additional repo http_kojipkgs_fedorapr 100% | 72.2 KiB/s | 3.8 KiB | 00m00s Repositories loaded. Package Arch Version Repository Size Installing group/module packages: bash x86_64 5.2.37-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 8.2 MiB bzip2 x86_64 1.0.8-19.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 95.7 KiB coreutils x86_64 9.5-11.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 5.4 MiB cpio x86_64 2.15-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.1 MiB diffutils x86_64 3.10-8.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.6 MiB fedora-release-common noarch 42-0.8 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 19.7 KiB findutils x86_64 1:4.10.0-4.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.8 MiB gawk x86_64 5.3.0-4.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.7 MiB glibc-minimal-langpack x86_64 2.40.9000-18.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 0.0 B grep x86_64 3.11-9.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.0 MiB gzip x86_64 1.13-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 389.0 KiB info x86_64 7.1.1-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 361.8 KiB patch x86_64 2.7.6-25.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 266.7 KiB redhat-rpm-config noarch 296-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 186.6 KiB rpm-build x86_64 4.20.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 194.3 KiB sed x86_64 4.9-3.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 861.5 KiB shadow-utils x86_64 2:4.16.0-7.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 4.0 MiB tar x86_64 2:1.35-4.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.9 MiB unzip x86_64 6.0-64.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 386.8 KiB util-linux x86_64 2.40.2-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 3.7 MiB which x86_64 2.21-42.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 80.2 KiB xz x86_64 1:5.6.3-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.2 MiB Installing dependencies: add-determinism x86_64 0.4.3-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.4 MiB alternatives x86_64 1.30-1.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 66.3 KiB ansible-srpm-macros noarch 1-16.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 35.7 KiB audit-libs x86_64 4.0.2-1.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 331.3 KiB authselect x86_64 1.5.0-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 157.5 KiB authselect-libs x86_64 1.5.0-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 822.2 KiB basesystem noarch 11-21.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 0.0 B binutils x86_64 2.43.50-7.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 28.5 MiB build-reproducibility-srpm-macros noarch 0.4.3-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 735.0 B bzip2-libs x86_64 1.0.8-19.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 80.7 KiB ca-certificates noarch 2024.2.69_v8.0.401-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.6 MiB coreutils-common x86_64 9.5-11.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 11.2 MiB cracklib x86_64 2.9.11-6.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 238.9 KiB crypto-policies noarch 20241106-1.git35892de.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 136.9 KiB curl x86_64 8.10.1-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 453.3 KiB cyrus-sasl-lib x86_64 2.1.28-27.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.3 MiB debugedit x86_64 5.1-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 192.7 KiB dwz x86_64 0.15-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 299.2 KiB ed x86_64 1.20.2-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 146.9 KiB efi-srpm-macros noarch 5-12.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 40.1 KiB elfutils x86_64 0.192-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.6 MiB elfutils-debuginfod-client x86_64 0.192-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 80.4 KiB elfutils-default-yama-scope noarch 0.192-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.8 KiB elfutils-libelf x86_64 0.192-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.2 MiB elfutils-libs x86_64 0.192-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 672.8 KiB fedora-gpg-keys noarch 42-0.3 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 126.4 KiB fedora-release noarch 42-0.8 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 0.0 B fedora-release-identity-basic noarch 42-0.8 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 719.0 B fedora-repos noarch 42-0.3 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 4.9 KiB fedora-repos-rawhide noarch 42-0.3 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.2 KiB file x86_64 5.45-7.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 103.5 KiB file-libs x86_64 5.45-7.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 9.9 MiB filesystem x86_64 3.18-29.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 106.0 B fonts-srpm-macros noarch 1:2.0.5-17.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 55.8 KiB forge-srpm-macros noarch 0.4.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 38.9 KiB fpc-srpm-macros noarch 1.3-13.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 144.0 B gdb-minimal x86_64 15.2-3.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 13.0 MiB gdbm x86_64 1:1.23-7.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 460.9 KiB gdbm-libs x86_64 1:1.23-7.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 121.9 KiB ghc-srpm-macros noarch 1.9.2-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 779.0 B glibc x86_64 2.40.9000-18.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 6.7 MiB glibc-common x86_64 2.40.9000-18.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.1 MiB glibc-gconv-extra x86_64 2.40.9000-18.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 8.0 MiB gmp x86_64 1:6.3.0-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 811.4 KiB gnat-srpm-macros noarch 6-6.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.0 KiB go-srpm-macros noarch 3.6.0-3.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 60.8 KiB groff-base x86_64 1.23.0-7.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 3.8 MiB jansson x86_64 2.14-1.fc42 copr_base 89.3 KiB json-c x86_64 0.18-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 83.3 KiB kernel-srpm-macros noarch 1.0-24.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.9 KiB keyutils-libs x86_64 1.6.3-4.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 54.4 KiB krb5-libs x86_64 1.21.3-3.fc42 copr_base 2.3 MiB libacl x86_64 2.3.2-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 40.0 KiB libarchive x86_64 3.7.7-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 932.3 KiB libattr x86_64 2.5.2-4.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 28.5 KiB libblkid x86_64 2.40.2-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 262.5 KiB libbrotli x86_64 1.1.0-5.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 837.6 KiB libcap x86_64 2.71-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 210.8 KiB libcap-ng x86_64 0.8.5-3.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 69.2 KiB libcom_err x86_64 1.47.1-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 67.2 KiB libcurl x86_64 8.10.1-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 838.4 KiB libeconf x86_64 0.7.4-3.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 65.7 KiB libevent x86_64 2.1.12-14.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 895.7 KiB libfdisk x86_64 2.40.2-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 362.9 KiB libffi x86_64 3.4.6-3.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 86.4 KiB libgcc x86_64 14.2.1-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 270.6 KiB libgomp x86_64 14.2.1-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 519.8 KiB libidn2 x86_64 2.3.7-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 329.1 KiB libmount x86_64 2.40.2-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 355.8 KiB libnghttp2 x86_64 1.64.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 174.5 KiB libnsl2 x86_64 2.0.1-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 57.9 KiB libpkgconf x86_64 2.3.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 78.2 KiB libpsl x86_64 0.21.5-4.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 80.5 KiB libpwquality x86_64 1.4.5-11.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 417.8 KiB libselinux x86_64 3.7-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 181.1 KiB libsemanage x86_64 3.7-3.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 298.0 KiB libsepol x86_64 3.7-3.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 818.0 KiB libsmartcols x86_64 2.40.2-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 180.4 KiB libssh x86_64 0.11.1-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 569.6 KiB libssh-config noarch 0.11.1-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 277.0 B libstdc++ x86_64 14.2.1-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.8 MiB libtasn1 x86_64 4.19.0-9.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 175.7 KiB libtirpc x86_64 1.3.6-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 205.5 KiB libtool-ltdl x86_64 2.4.7-12.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 66.2 KiB libunistring x86_64 1.1-8.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.7 MiB libuuid x86_64 2.40.2-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 41.4 KiB libverto x86_64 0.3.2-9.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 29.5 KiB libxcrypt x86_64 4.4.36-10.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 267.7 KiB libxml2 x86_64 2.12.8-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.7 MiB libzstd x86_64 1.5.6-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 795.9 KiB lua-libs x86_64 5.4.7-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 285.0 KiB lua-srpm-macros noarch 1-14.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.3 KiB lz4-libs x86_64 1.10.0-1.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 145.5 KiB mpfr x86_64 4.2.1-5.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 832.1 KiB ncurses x86_64 6.5-2.20240629.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 627.3 KiB ncurses-base noarch 6.5-2.20240629.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 326.3 KiB ncurses-libs x86_64 6.5-2.20240629.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 975.2 KiB ocaml-srpm-macros noarch 10-3.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.9 KiB openblas-srpm-macros noarch 2-18.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 112.0 B openldap x86_64 2.6.8-5.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 644.2 KiB openssl-libs x86_64 1:3.2.2-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 7.8 MiB p11-kit x86_64 0.25.5-4.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.2 MiB p11-kit-trust x86_64 0.25.5-4.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 403.8 KiB package-notes-srpm-macros noarch 0.5-12.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.6 KiB pam x86_64 1.7.0-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.7 MiB pam-libs x86_64 1.7.0-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 127.7 KiB pcre2 x86_64 10.44-1.fc41.1 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 653.5 KiB pcre2-syntax noarch 10.44-1.fc41.1 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 251.6 KiB perl-AutoLoader noarch 5.74-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 20.5 KiB perl-B x86_64 1.89-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 498.0 KiB perl-Carp noarch 1.54-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 46.6 KiB perl-Class-Struct noarch 0.68-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 25.4 KiB perl-Data-Dumper x86_64 2.189-512.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 111.7 KiB perl-Digest noarch 1.20-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 35.3 KiB perl-Digest-MD5 x86_64 2.59-5.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 59.8 KiB perl-DynaLoader x86_64 1.56-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 32.1 KiB perl-Encode x86_64 4:3.21-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 4.7 MiB perl-Errno x86_64 1.38-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 8.4 KiB perl-Exporter noarch 5.78-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 54.3 KiB perl-Fcntl x86_64 1.18-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 49.0 KiB perl-File-Basename noarch 2.86-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 14.0 KiB perl-File-Path noarch 2.18-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 63.5 KiB perl-File-Temp noarch 1:0.231.100-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 162.3 KiB perl-File-stat noarch 1.14-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 12.5 KiB perl-FileHandle noarch 2.05-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 9.3 KiB perl-Getopt-Long noarch 1:2.58-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 144.5 KiB perl-Getopt-Std noarch 1.14-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 11.2 KiB perl-HTTP-Tiny noarch 0.090-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 154.4 KiB perl-IO x86_64 1.55-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 151.1 KiB perl-IO-Socket-IP noarch 0.42-512.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 98.7 KiB perl-IO-Socket-SSL noarch 2.089-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 703.3 KiB perl-IPC-Open3 noarch 1.22-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 22.5 KiB perl-MIME-Base32 noarch 1.303-21.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 30.7 KiB perl-MIME-Base64 x86_64 3.16-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 46.1 KiB perl-Net-SSLeay x86_64 1.94-7.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.3 MiB perl-POSIX x86_64 2.20-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 235.1 KiB perl-PathTools x86_64 3.91-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 180.0 KiB perl-Pod-Escapes noarch 1:1.07-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 24.9 KiB perl-Pod-Perldoc noarch 3.28.01-512.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 163.7 KiB perl-Pod-Simple noarch 1:3.45-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 560.9 KiB perl-Pod-Usage noarch 4:2.03-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 84.8 KiB perl-Scalar-List-Utils x86_64 5:1.68-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 148.9 KiB perl-SelectSaver noarch 1.02-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.2 KiB perl-Socket x86_64 4:2.038-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 124.0 KiB perl-Storable x86_64 1:3.32-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 232.4 KiB perl-Symbol noarch 1.09-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 6.8 KiB perl-Term-ANSIColor noarch 5.01-512.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 97.5 KiB perl-Term-Cap noarch 1.18-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 29.3 KiB perl-Text-ParseWords noarch 3.31-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 13.6 KiB perl-Text-Tabs+Wrap noarch 2024.001-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 22.6 KiB perl-Time-Local noarch 2:1.350-511.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 69.0 KiB perl-URI noarch 5.31-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 257.0 KiB perl-base noarch 2.27-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 12.5 KiB perl-constant noarch 1.33-512.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 26.2 KiB perl-if noarch 0.61.000-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 5.8 KiB perl-interpreter x86_64 4:5.40.0-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 122.3 KiB perl-libnet noarch 3.15-512.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 289.4 KiB perl-libs x86_64 4:5.40.0-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 9.9 MiB perl-locale noarch 1.12-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 6.5 KiB perl-mro x86_64 1.29-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 45.6 KiB perl-overload noarch 1.37-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 71.5 KiB perl-overloading noarch 0.02-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 4.8 KiB perl-parent noarch 1:0.242-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 10.0 KiB perl-podlators noarch 1:6.0.2-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 317.5 KiB perl-srpm-macros noarch 1-56.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 861.0 B perl-vars noarch 1.05-512.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 3.9 KiB pkgconf x86_64 2.3.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 88.6 KiB pkgconf-m4 noarch 2.3.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 14.4 KiB pkgconf-pkg-config x86_64 2.3.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 989.0 B popt x86_64 1.19-7.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 136.9 KiB publicsuffix-list-dafsa noarch 20240107-4.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 67.5 KiB pyproject-srpm-macros noarch 1.16.2-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.9 KiB python-srpm-macros noarch 3.13-3.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 51.0 KiB qt5-srpm-macros noarch 5.15.15-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 500.0 B qt6-srpm-macros noarch 6.8.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 456.0 B readline x86_64 8.2-11.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 493.1 KiB rpm x86_64 4.20.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 3.1 MiB rpm-build-libs x86_64 4.20.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 206.7 KiB rpm-libs x86_64 4.20.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 726.1 KiB rpm-sequoia x86_64 1.7.0-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.4 MiB rust-srpm-macros noarch 26.3-3.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 4.8 KiB setup noarch 2.15.0-5.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 720.7 KiB sqlite-libs x86_64 3.47.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.5 MiB systemd-libs x86_64 257~rc1-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.3 MiB util-linux-core x86_64 2.40.2-8.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.5 MiB xxhash-libs x86_64 0.8.2-4.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 88.4 KiB xz-libs x86_64 1:5.6.3-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 218.4 KiB zig-srpm-macros noarch 1-3.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.1 KiB zip x86_64 3.0-41.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 703.2 KiB zlib-ng-compat x86_64 2.2.2-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 134.0 KiB zstd x86_64 1.5.6-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.7 MiB Installing groups: Buildsystem building group Transaction Summary: Installing: 213 packages Total size of inbound packages is 61 MiB. Need to download 0 B. After this operation, 207 MiB extra will be used (install 207 MiB, remove 0 B). [1/1] tar-2:1.35-4.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [1/1] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/2] bzip2-0:1.0.8-19.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [2/2] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/3] redhat-rpm-config-0:296-1.fc42.no 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [3/3] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/4] rpm-build-0:4.20.0-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [4/4] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/5] unzip-0:6.0-64.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [5/5] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/6] cpio-0:2.15-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [6/6] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/7] which-0:2.21-42.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [7/7] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/8] bash-0:5.2.37-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [8/8] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/9] coreutils-0:9.5-11.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [9/9] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/10] grep-0:3.11-9.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [10/10] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/11] patch-0:2.7.6-25.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [11/11] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/12] sed-0:4.9-3.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [12/12] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/13] shadow-utils-2:4.16.0-7.fc42.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [13/13] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/14] util-linux-0:2.40.2-8.fc42.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [14/14] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/15] diffutils-0:3.10-8.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [15/15] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/16] fedora-release-common-0:42-0.8. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [16/16] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/17] findutils-1:4.10.0-4.fc41.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [17/17] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/18] gawk-0:5.3.0-4.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [18/18] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/19] glibc-minimal-langpack-0:2.40.9 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [19/19] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/20] gzip-0:1.13-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [20/20] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/21] info-0:7.1.1-2.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [21/21] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/22] xz-1:5.6.3-2.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [22/22] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/23] coreutils-common-0:9.5-11.fc42. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [23/23] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/24] glibc-0:2.40.9000-18.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [24/24] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/25] glibc-common-0:2.40.9000-18.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [25/25] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/26] glibc-gconv-extra-0:2.40.9000-1 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [26/26] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/27] xz-libs-1:5.6.3-2.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [27/27] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/28] audit-libs-0:4.0.2-1.fc41.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [28/28] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/29] authselect-libs-0:1.5.0-8.fc42. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [29/29] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/30] libblkid-0:2.40.2-8.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [30/30] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/31] libcap-ng-0:0.8.5-3.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [31/31] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/32] libfdisk-0:2.40.2-8.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [32/32] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/33] libmount-0:2.40.2-8.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [33/33] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/34] libselinux-0:3.7-6.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [34/34] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/35] libsmartcols-0:2.40.2-8.fc42.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [35/35] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/36] libuuid-0:2.40.2-8.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [36/36] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/37] ncurses-libs-0:6.5-2.20240629.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [37/37] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/38] pam-0:1.7.0-2.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [38/38] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/39] pam-libs-0:1.7.0-2.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [39/39] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/40] readline-0:8.2-11.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [40/40] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/41] systemd-libs-0:257~rc1-2.fc42.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [41/41] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/42] util-linux-core-0:2.40.2-8.fc42 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [42/42] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/43] zlib-ng-compat-0:2.2.2-1.fc42.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [43/43] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/44] bzip2-libs-0:1.0.8-19.fc41.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [44/44] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/45] libacl-0:2.3.2-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [45/45] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/46] libcap-0:2.71-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [46/46] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/47] libgcc-0:14.2.1-6.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [47/47] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/48] libattr-0:2.5.2-4.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [48/48] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/49] libeconf-0:0.7.4-3.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [49/49] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/50] libsemanage-0:3.7-3.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [50/50] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/51] libxcrypt-0:4.4.36-10.fc42.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [51/51] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/52] setup-0:2.15.0-5.fc41.noarch 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [52/52] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/53] binutils-0:2.43.50-7.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [53/53] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/54] debugedit-0:5.1-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [54/54] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/55] elfutils-0:0.192-6.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [55/55] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/56] elfutils-debuginfod-client-0:0. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [56/56] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/57] elfutils-libelf-0:0.192-6.fc42. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [57/57] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/58] elfutils-libs-0:0.192-6.fc42.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [58/58] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/59] file-0:5.45-7.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [59/59] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/60] libarchive-0:3.7.7-1.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [60/60] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/61] pkgconf-pkg-config-0:2.3.0-1.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [61/61] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/62] popt-0:1.19-7.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [62/62] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/63] rpm-0:4.20.0-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [63/63] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/64] rpm-build-libs-0:4.20.0-1.fc42. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [64/64] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/65] rpm-libs-0:4.20.0-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [65/65] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/66] zstd-0:1.5.6-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [66/66] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/67] curl-0:8.10.1-2.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [67/67] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/68] ansible-srpm-macros-0:1-16.fc41 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [68/68] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/69] build-reproducibility-srpm-macr 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [69/69] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/70] dwz-0:0.15-8.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [70/70] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/71] efi-srpm-macros-0:5-12.fc41.noa 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [71/71] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/72] fonts-srpm-macros-1:2.0.5-17.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [72/72] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/73] forge-srpm-macros-0:0.4.0-1.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [73/73] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/74] fpc-srpm-macros-0:1.3-13.fc41.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [74/74] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/75] ghc-srpm-macros-0:1.9.2-1.fc42. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [75/75] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/76] gnat-srpm-macros-0:6-6.fc41.noa 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [76/76] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/77] go-srpm-macros-0:3.6.0-3.fc41.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [77/77] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/78] kernel-srpm-macros-0:1.0-24.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [78/78] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/79] lua-srpm-macros-0:1-14.fc41.noa 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [79/79] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/80] ocaml-srpm-macros-0:10-3.fc41.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [80/80] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/81] openblas-srpm-macros-0:2-18.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [81/81] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/82] package-notes-srpm-macros-0:0.5 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [82/82] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/83] perl-srpm-macros-0:1-56.fc41.no 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [83/83] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/84] pyproject-srpm-macros-0:1.16.2- 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [84/84] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/85] python-srpm-macros-0:3.13-3.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [85/85] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/86] qt5-srpm-macros-0:5.15.15-1.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [86/86] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/87] qt6-srpm-macros-0:6.8.0-1.fc42. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [87/87] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/88] rust-srpm-macros-0:26.3-3.fc42. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [88/88] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/89] zig-srpm-macros-0:1-3.fc41.noar 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [89/89] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/90] zip-0:3.0-41.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [90/90] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/91] pkgconf-0:2.3.0-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [91/91] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/92] pkgconf-m4-0:2.3.0-1.fc42.noarc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [92/92] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/93] libpkgconf-0:2.3.0-1.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [93/93] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/94] ed-0:1.20.2-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [94/94] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/95] authselect-0:1.5.0-8.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [95/95] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/96] gdbm-1:1.23-7.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [96/96] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/97] gdbm-libs-1:1.23-7.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [97/97] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/98] libnsl2-0:2.0.1-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [98/98] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/99] libpwquality-0:1.4.5-11.fc41.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [99/99] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/100] libtirpc-0:1.3.6-1.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [100/100] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/101] openssl-libs-1:3.2.2-8.fc42.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [101/101] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/102] ca-certificates-0:2024.2.69_v 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [102/102] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/103] crypto-policies-0:20241106-1. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [103/103] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/104] ncurses-base-0:6.5-2.20240629 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [104/104] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/105] krb5-libs-0:1.21.3-3.fc42.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [105/105] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/106] libcom_err-0:1.47.1-6.fc42.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [106/106] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/107] libsepol-0:3.7-3.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [107/107] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/108] pcre2-0:10.44-1.fc41.1.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [108/108] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/109] cracklib-0:2.9.11-6.fc41.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [109/109] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/110] libxml2-0:2.12.8-2.fc41.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [110/110] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/111] libzstd-0:1.5.6-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [111/111] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/112] lz4-libs-0:1.10.0-1.fc41.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [112/112] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/113] basesystem-0:11-21.fc41.noarc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [113/113] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/114] filesystem-0:3.18-29.fc42.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [114/114] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/115] gmp-1:6.3.0-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [115/115] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/116] mpfr-0:4.2.1-5.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [116/116] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/117] file-libs-0:5.45-7.fc41.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [117/117] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/118] fedora-repos-0:42-0.3.noarch 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [118/118] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/119] elfutils-default-yama-scope-0 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [119/119] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/120] json-c-0:0.18-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [120/120] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/121] libstdc++-0:14.2.1-6.fc42.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [121/121] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/122] libffi-0:3.4.6-3.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [122/122] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/123] p11-kit-0:0.25.5-4.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [123/123] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/124] p11-kit-trust-0:0.25.5-4.fc42 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [124/124] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/125] add-determinism-0:0.4.3-1.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [125/125] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/126] alternatives-0:1.30-1.fc41.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [126/126] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/127] jansson-0:2.14-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [127/127] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/128] perl-interpreter-4:5.40.0-512 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [128/128] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/129] keyutils-libs-0:1.6.3-4.fc41. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [129/129] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/130] libverto-0:0.3.2-9.fc41.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [130/130] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/131] lua-libs-0:5.4.7-1.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [131/131] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/132] rpm-sequoia-0:1.7.0-2.fc41.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [132/132] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/133] sqlite-libs-0:3.47.0-1.fc42.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [133/133] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/134] libgomp-0:14.2.1-6.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [134/134] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/135] perl-libs-4:5.40.0-512.fc42.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [135/135] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/136] pcre2-syntax-0:10.44-1.fc41.1 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [136/136] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/137] libtasn1-0:4.19.0-9.fc41.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [137/137] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/138] fedora-gpg-keys-0:42-0.3.noar 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [138/138] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/139] fedora-repos-rawhide-0:42-0.3 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [139/139] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/140] perl-Carp-0:1.54-511.fc41.noa 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [140/140] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/141] perl-DynaLoader-0:1.56-512.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [141/141] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/142] perl-Encode-4:3.21-511.fc41.x 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [142/142] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/143] perl-Exporter-0:5.78-511.fc41 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [143/143] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/144] perl-PathTools-0:3.91-511.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [144/144] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/145] perl-Errno-0:1.38-512.fc42.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [145/145] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/146] perl-Scalar-List-Utils-5:1.68 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [146/146] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/147] perl-constant-0:1.33-512.fc41 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [147/147] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/148] perl-File-Basename-0:2.86-512 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [148/148] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/149] perl-Getopt-Long-1:2.58-2.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [149/149] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/150] perl-Getopt-Std-0:1.14-512.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [150/150] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/151] perl-MIME-Base64-0:3.16-511.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [151/151] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/152] perl-Storable-1:3.32-511.fc41 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [152/152] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/153] perl-overload-0:1.37-512.fc42 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [153/153] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/154] perl-parent-1:0.242-1.fc42.no 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [154/154] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/155] perl-vars-0:1.05-512.fc42.noa 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [155/155] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/156] perl-mro-0:1.29-512.fc42.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [156/156] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/157] perl-overloading-0:0.02-512.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [157/157] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/158] perl-Fcntl-0:1.18-512.fc42.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [158/158] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/159] perl-IO-0:1.55-512.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [159/159] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/160] perl-File-stat-0:1.14-512.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [160/160] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/161] perl-SelectSaver-0:1.02-512.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [161/161] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/162] perl-Socket-4:2.038-511.fc41. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [162/162] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/163] perl-Symbol-0:1.09-512.fc42.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [163/163] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/164] perl-Pod-Usage-4:2.03-511.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [164/164] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/165] perl-Text-ParseWords-0:3.31-5 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [165/165] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/166] perl-base-0:2.27-512.fc42.noa 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [166/166] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/167] perl-Class-Struct-0:0.68-512. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [167/167] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/168] perl-Pod-Perldoc-0:3.28.01-51 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [168/168] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/169] perl-podlators-1:6.0.2-2.fc41 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [169/169] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/170] groff-base-0:1.23.0-7.fc41.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [170/170] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/171] perl-File-Temp-1:0.231.100-51 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [171/171] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/172] perl-HTTP-Tiny-0:0.090-1.fc42 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [172/172] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/173] perl-IPC-Open3-0:1.22-512.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [173/173] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/174] perl-Pod-Simple-1:3.45-511.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [174/174] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/175] perl-POSIX-0:2.20-512.fc42.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [175/175] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/176] perl-IO-Socket-SSL-0:2.089-1. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [176/176] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/177] perl-Net-SSLeay-0:1.94-7.fc41 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [177/177] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/178] perl-Time-Local-2:1.350-511.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [178/178] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/179] perl-File-Path-0:2.18-511.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [179/179] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/180] perl-Term-ANSIColor-0:5.01-51 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [180/180] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/181] perl-Term-Cap-0:1.18-511.fc41 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [181/181] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/182] ncurses-0:6.5-2.20240629.fc41 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [182/182] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/183] perl-Pod-Escapes-1:1.07-511.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [183/183] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/184] perl-Text-Tabs+Wrap-0:2024.00 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [184/184] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/185] perl-if-0:0.61.000-512.fc42.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [185/185] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/186] perl-locale-0:1.12-512.fc42.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [186/186] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/187] perl-AutoLoader-0:5.74-512.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [187/187] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/188] perl-IO-Socket-IP-0:0.42-512. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [188/188] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/189] perl-URI-0:5.31-1.fc42.noarch 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [189/189] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/190] perl-Data-Dumper-0:2.189-512. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [190/190] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/191] perl-MIME-Base32-0:1.303-21.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [191/191] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/192] perl-libnet-0:3.15-512.fc41.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [192/192] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/193] perl-B-0:1.89-512.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [193/193] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/194] perl-Digest-MD5-0:2.59-5.fc41 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [194/194] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/195] perl-FileHandle-0:2.05-512.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [195/195] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/196] perl-Digest-0:1.20-511.fc41.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [196/196] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/197] fedora-release-0:42-0.8.noarc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [197/197] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/198] gdb-minimal-0:15.2-3.fc42.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [198/198] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/199] xxhash-libs-0:0.8.2-4.fc42.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [199/199] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/200] fedora-release-identity-basic 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [200/200] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/201] libcurl-0:8.10.1-2.fc42.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [201/201] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/202] libbrotli-0:1.1.0-5.fc41.x86_ 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [202/202] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/203] libidn2-0:2.3.7-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [203/203] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/204] libnghttp2-0:1.64.0-1.fc42.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [204/204] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/205] libpsl-0:0.21.5-4.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [205/205] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/206] libssh-0:0.11.1-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [206/206] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/207] openldap-0:2.6.8-5.fc41.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [207/207] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/208] cyrus-sasl-lib-0:2.1.28-27.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [208/208] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/209] libevent-0:2.1.12-14.fc41.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [209/209] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/210] libtool-ltdl-0:2.4.7-12.fc41. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [210/210] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/211] libssh-config-0:0.11.1-1.fc42 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [211/211] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/212] libunistring-0:1.1-8.fc41.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [212/212] Total 100% | 0.0 B/s | 0.0 B | 00m00s [ 1/213] publicsuffix-list-dafsa-0:202 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [213/213] Total 100% | 0.0 B/s | 0.0 B | 00m00s Running transaction [ 1/215] Verify package files 100% | 938.0 B/s | 213.0 B | 00m00s >>> Running pre-transaction scriptlet: filesystem-0:3.18-29.fc42.x86_64 >>> Finished pre-transaction scriptlet: filesystem-0:3.18-29.fc42.x86_64 >>> [RPM] /var/lib/mock/fedora-rawhide-x86_64-1731577445.236555/root/var/cache/d [ 2/215] Prepare transaction 100% | 2.0 KiB/s | 213.0 B | 00m00s [ 3/215] Installing libgcc-0:14.2.1-6. 100% | 132.9 MiB/s | 272.3 KiB | 00m00s [ 4/215] Installing publicsuffix-list- 100% | 66.7 MiB/s | 68.3 KiB | 00m00s [ 5/215] Installing libssh-config-0:0. 100% | 0.0 B/s | 816.0 B | 00m00s [ 6/215] Installing fedora-release-ide 100% | 0.0 B/s | 976.0 B | 00m00s [ 7/215] Installing fedora-gpg-keys-0: 100% | 21.0 MiB/s | 172.2 KiB | 00m00s [ 8/215] Installing fedora-repos-rawhi 100% | 0.0 B/s | 2.4 KiB | 00m00s [ 9/215] Installing fedora-repos-0:42- 100% | 0.0 B/s | 5.7 KiB | 00m00s [ 10/215] Installing fedora-release-com 100% | 11.7 MiB/s | 24.0 KiB | 00m00s [ 11/215] Installing fedora-release-0:4 100% | 0.0 B/s | 124.0 B | 00m00s [ 12/215] Installing setup-0:2.15.0-5.f 100% | 50.6 MiB/s | 726.1 KiB | 00m00s >>> [RPM] /etc/hosts created as /etc/hosts.rpmnew [ 13/215] Installing filesystem-0:3.18- 100% | 1.7 MiB/s | 212.6 KiB | 00m00s [ 14/215] Installing basesystem-0:11-21 100% | 0.0 B/s | 124.0 B | 00m00s [ 15/215] Installing pcre2-syntax-0:10. 100% | 124.1 MiB/s | 254.1 KiB | 00m00s [ 16/215] Installing ncurses-base-0:6.5 100% | 38.2 MiB/s | 351.7 KiB | 00m00s [ 17/215] Installing glibc-minimal-lang 100% | 0.0 B/s | 124.0 B | 00m00s [ 18/215] Installing ncurses-libs-0:6.5 100% | 137.0 MiB/s | 981.8 KiB | 00m00s [ 19/215] Installing glibc-0:2.40.9000- 100% | 209.8 MiB/s | 6.7 MiB | 00m00s [ 20/215] Installing bash-0:5.2.37-1.fc 100% | 291.8 MiB/s | 8.2 MiB | 00m00s [ 21/215] Installing glibc-common-0:2.4 100% | 132.4 MiB/s | 1.1 MiB | 00m00s [ 22/215] Installing glibc-gconv-extra- 100% | 162.8 MiB/s | 8.1 MiB | 00m00s [ 23/215] Installing zlib-ng-compat-0:2 100% | 131.7 MiB/s | 134.9 KiB | 00m00s [ 24/215] Installing xz-libs-1:5.6.3-2. 100% | 214.3 MiB/s | 219.5 KiB | 00m00s [ 25/215] Installing bzip2-libs-0:1.0.8 100% | 79.9 MiB/s | 81.8 KiB | 00m00s [ 26/215] Installing libuuid-0:2.40.2-8 100% | 41.5 MiB/s | 42.5 KiB | 00m00s [ 27/215] Installing readline-0:8.2-11. 100% | 241.8 MiB/s | 495.3 KiB | 00m00s [ 28/215] Installing libxcrypt-0:4.4.36 100% | 132.0 MiB/s | 270.4 KiB | 00m00s [ 29/215] Installing popt-0:1.19-7.fc41 100% | 35.0 MiB/s | 143.5 KiB | 00m00s [ 30/215] Installing libstdc++-0:14.2.1 100% | 276.0 MiB/s | 2.8 MiB | 00m00s [ 31/215] Installing libblkid-0:2.40.2- 100% | 257.5 MiB/s | 263.6 KiB | 00m00s [ 32/215] Installing libattr-0:2.5.2-4. 100% | 28.8 MiB/s | 29.5 KiB | 00m00s [ 33/215] Installing libacl-0:2.3.2-2.f 100% | 39.8 MiB/s | 40.7 KiB | 00m00s [ 34/215] Installing libzstd-0:1.5.6-2. 100% | 259.5 MiB/s | 797.2 KiB | 00m00s [ 35/215] Installing elfutils-libelf-0: 100% | 291.6 MiB/s | 1.2 MiB | 00m00s [ 36/215] Installing gmp-1:6.3.0-2.fc41 100% | 264.9 MiB/s | 813.7 KiB | 00m00s [ 37/215] Installing libeconf-0:0.7.4-3 100% | 65.8 MiB/s | 67.4 KiB | 00m00s [ 38/215] Installing gdbm-libs-1:1.23-7 100% | 120.7 MiB/s | 123.6 KiB | 00m00s [ 39/215] Installing alternatives-0:1.3 100% | 66.3 MiB/s | 67.9 KiB | 00m00s [ 40/215] Installing mpfr-0:4.2.1-5.fc4 100% | 203.5 MiB/s | 833.7 KiB | 00m00s [ 41/215] Installing gawk-0:5.3.0-4.fc4 100% | 173.2 MiB/s | 1.7 MiB | 00m00s [ 42/215] Installing dwz-0:0.15-8.fc42. 100% | 146.8 MiB/s | 300.6 KiB | 00m00s [ 43/215] Installing unzip-0:6.0-64.fc4 100% | 190.6 MiB/s | 390.3 KiB | 00m00s [ 44/215] Installing file-libs-0:5.45-7 100% | 522.8 MiB/s | 9.9 MiB | 00m00s [ 45/215] Installing file-0:5.45-7.fc41 100% | 9.3 MiB/s | 105.0 KiB | 00m00s [ 46/215] Installing crypto-policies-0: 100% | 15.9 MiB/s | 163.3 KiB | 00m00s [ 47/215] Installing libcap-ng-0:0.8.5- 100% | 69.4 MiB/s | 71.0 KiB | 00m00s [ 48/215] Installing audit-libs-0:4.0.2 100% | 162.8 MiB/s | 333.4 KiB | 00m00s [ 49/215] Installing pam-libs-0:1.7.0-2 100% | 126.8 MiB/s | 129.9 KiB | 00m00s [ 50/215] Installing libcap-0:2.71-1.fc 100% | 70.3 MiB/s | 215.8 KiB | 00m00s [ 51/215] Installing systemd-libs-0:257 100% | 251.0 MiB/s | 2.3 MiB | 00m00s [ 52/215] Installing libsmartcols-0:2.4 100% | 177.1 MiB/s | 181.4 KiB | 00m00s [ 53/215] Installing libcom_err-0:1.47. 100% | 66.7 MiB/s | 68.3 KiB | 00m00s [ 54/215] Installing libsepol-0:3.7-3.f 100% | 266.6 MiB/s | 819.0 KiB | 00m00s [ 55/215] Installing pcre2-0:10.44-1.fc 100% | 213.2 MiB/s | 654.9 KiB | 00m00s [ 56/215] Installing libselinux-0:3.7-6 100% | 178.0 MiB/s | 182.3 KiB | 00m00s [ 57/215] Installing sed-0:4.9-3.fc41.x 100% | 121.3 MiB/s | 869.7 KiB | 00m00s [ 58/215] Installing findutils-1:4.10.0 100% | 185.8 MiB/s | 1.9 MiB | 00m00s [ 59/215] Installing grep-0:3.11-9.fc41 100% | 125.4 MiB/s | 1.0 MiB | 00m00s [ 60/215] Installing xz-1:5.6.3-2.fc42. 100% | 137.5 MiB/s | 1.2 MiB | 00m00s [ 61/215] Installing libmount-0:2.40.2- 100% | 174.3 MiB/s | 356.9 KiB | 00m00s [ 62/215] Installing lz4-libs-0:1.10.0- 100% | 143.1 MiB/s | 146.6 KiB | 00m00s [ 63/215] Installing libffi-0:3.4.6-3.f 100% | 85.7 MiB/s | 87.8 KiB | 00m00s [ 64/215] Installing lua-libs-0:5.4.7-1 100% | 139.7 MiB/s | 286.2 KiB | 00m00s [ 65/215] Installing libtasn1-0:4.19.0- 100% | 173.3 MiB/s | 177.5 KiB | 00m00s [ 66/215] Installing p11-kit-0:0.25.5-4 100% | 158.3 MiB/s | 2.2 MiB | 00m00s [ 67/215] Installing libunistring-0:1.1 100% | 288.5 MiB/s | 1.7 MiB | 00m00s [ 68/215] Installing libidn2-0:2.3.7-2. 100% | 81.8 MiB/s | 335.1 KiB | 00m00s [ 69/215] Installing libpsl-0:0.21.5-4. 100% | 79.7 MiB/s | 81.7 KiB | 00m00s [ 70/215] Installing p11-kit-trust-0:0. 100% | 33.0 MiB/s | 405.5 KiB | 00m00s [ 71/215] Installing zstd-0:1.5.6-2.fc4 100% | 241.6 MiB/s | 1.7 MiB | 00m00s [ 72/215] Installing util-linux-core-0: 100% | 138.9 MiB/s | 1.5 MiB | 00m00s [ 73/215] Installing tar-2:1.35-4.fc41. 100% | 227.6 MiB/s | 3.0 MiB | 00m00s [ 74/215] Installing libsemanage-0:3.7- 100% | 97.6 MiB/s | 299.8 KiB | 00m00s [ 75/215] Installing shadow-utils-2:4.1 100% | 127.9 MiB/s | 4.1 MiB | 00m00s [ 76/215] Installing zip-0:3.0-41.fc41. 100% | 53.1 MiB/s | 707.1 KiB | 00m00s [ 77/215] Installing groff-base-0:1.23. 100% | 121.0 MiB/s | 3.9 MiB | 00m00s [ 78/215] Installing gdbm-1:1.23-7.fc41 100% | 91.0 MiB/s | 465.8 KiB | 00m00s [ 79/215] Installing cyrus-sasl-lib-0:2 100% | 256.2 MiB/s | 2.3 MiB | 00m00s [ 80/215] Installing libfdisk-0:2.40.2- 100% | 177.7 MiB/s | 364.0 KiB | 00m00s [ 81/215] Installing bzip2-0:1.0.8-19.f 100% | 48.9 MiB/s | 100.2 KiB | 00m00s [ 82/215] Installing libxml2-0:2.12.8-2 100% | 244.6 MiB/s | 1.7 MiB | 00m00s [ 83/215] Installing add-determinism-0: 100% | 303.9 MiB/s | 2.4 MiB | 00m00s [ 84/215] Installing build-reproducibil 100% | 0.0 B/s | 1.0 KiB | 00m00s [ 85/215] Installing sqlite-libs-0:3.47 100% | 242.2 MiB/s | 1.5 MiB | 00m00s [ 86/215] Installing ed-0:1.20.2-2.fc41 100% | 72.8 MiB/s | 149.2 KiB | 00m00s [ 87/215] Installing patch-0:2.7.6-25.f 100% | 131.0 MiB/s | 268.2 KiB | 00m00s [ 88/215] Installing elfutils-default-y 100% | 227.0 KiB/s | 2.0 KiB | 00m00s [ 89/215] Installing elfutils-libs-0:0. 100% | 164.7 MiB/s | 674.7 KiB | 00m00s [ 90/215] Installing cpio-0:2.15-2.fc41 100% | 157.1 MiB/s | 1.1 MiB | 00m00s [ 91/215] Installing diffutils-0:3.10-8 100% | 176.7 MiB/s | 1.6 MiB | 00m00s [ 92/215] Installing libpkgconf-0:2.3.0 100% | 77.5 MiB/s | 79.3 KiB | 00m00s [ 93/215] Installing pkgconf-0:2.3.0-1. 100% | 89.0 MiB/s | 91.1 KiB | 00m00s [ 94/215] Installing json-c-0:0.18-1.fc 100% | 82.6 MiB/s | 84.6 KiB | 00m00s [ 95/215] Installing jansson-0:2.14-1.f 100% | 88.5 MiB/s | 90.7 KiB | 00m00s [ 96/215] Installing keyutils-libs-0:1. 100% | 54.5 MiB/s | 55.8 KiB | 00m00s [ 97/215] Installing libverto-0:0.3.2-9 100% | 30.5 MiB/s | 31.3 KiB | 00m00s [ 98/215] Installing libgomp-0:14.2.1-6 100% | 254.5 MiB/s | 521.2 KiB | 00m00s [ 99/215] Installing ncurses-0:6.5-2.20 100% | 154.8 MiB/s | 633.9 KiB | 00m00s [100/215] Installing xxhash-libs-0:0.8. 100% | 87.7 MiB/s | 89.8 KiB | 00m00s [101/215] Installing libbrotli-0:1.1.0- 100% | 205.0 MiB/s | 839.9 KiB | 00m00s [102/215] Installing libnghttp2-0:1.64. 100% | 171.5 MiB/s | 175.6 KiB | 00m00s [103/215] Installing libtool-ltdl-0:2.4 100% | 65.7 MiB/s | 67.3 KiB | 00m00s [104/215] Installing pkgconf-m4-0:2.3.0 100% | 0.0 B/s | 14.8 KiB | 00m00s [105/215] Installing pkgconf-pkg-config 100% | 1.7 MiB/s | 1.8 KiB | 00m00s [106/215] Installing rust-srpm-macros-0 100% | 0.0 B/s | 5.6 KiB | 00m00s [107/215] Installing qt6-srpm-macros-0: 100% | 0.0 B/s | 732.0 B | 00m00s [108/215] Installing qt5-srpm-macros-0: 100% | 0.0 B/s | 776.0 B | 00m00s [109/215] Installing perl-srpm-macros-0 100% | 0.0 B/s | 1.1 KiB | 00m00s [110/215] Installing package-notes-srpm 100% | 0.0 B/s | 2.0 KiB | 00m00s [111/215] Installing openblas-srpm-macr 100% | 0.0 B/s | 392.0 B | 00m00s [112/215] Installing ocaml-srpm-macros- 100% | 0.0 B/s | 2.2 KiB | 00m00s [113/215] Installing kernel-srpm-macros 100% | 0.0 B/s | 2.3 KiB | 00m00s [114/215] Installing gnat-srpm-macros-0 100% | 0.0 B/s | 1.3 KiB | 00m00s [115/215] Installing ghc-srpm-macros-0: 100% | 0.0 B/s | 1.0 KiB | 00m00s [116/215] Installing fpc-srpm-macros-0: 100% | 0.0 B/s | 420.0 B | 00m00s [117/215] Installing ansible-srpm-macro 100% | 35.4 MiB/s | 36.2 KiB | 00m00s [118/215] Installing coreutils-common-0 100% | 260.2 MiB/s | 11.2 MiB | 00m00s [119/215] Installing openssl-libs-1:3.2 100% | 326.2 MiB/s | 7.8 MiB | 00m00s [120/215] Installing coreutils-0:9.5-11 100% | 154.3 MiB/s | 5.4 MiB | 00m00s [121/215] Installing ca-certificates-0: 100% | 1.0 MiB/s | 2.4 MiB | 00m02s [122/215] Installing krb5-libs-0:1.21.3 100% | 177.2 MiB/s | 2.3 MiB | 00m00s [123/215] Installing libarchive-0:3.7.7 100% | 228.1 MiB/s | 934.2 KiB | 00m00s [124/215] Installing libtirpc-0:1.3.6-1 100% | 101.2 MiB/s | 207.3 KiB | 00m00s [125/215] Installing gzip-0:1.13-2.fc41 100% | 128.4 MiB/s | 394.6 KiB | 00m00s [126/215] Installing authselect-libs-0: 100% | 90.8 MiB/s | 837.2 KiB | 00m00s [127/215] Installing cracklib-0:2.9.11- 100% | 34.9 MiB/s | 250.3 KiB | 00m00s [128/215] Installing libpwquality-0:1.4 100% | 52.5 MiB/s | 430.1 KiB | 00m00s [129/215] Installing libnsl2-0:2.0.1-2. 100% | 57.7 MiB/s | 59.1 KiB | 00m00s [130/215] Installing pam-0:1.7.0-2.fc42 100% | 71.2 MiB/s | 1.7 MiB | 00m00s [131/215] Installing libssh-0:0.11.1-1. 100% | 186.1 MiB/s | 571.7 KiB | 00m00s [132/215] Installing rpm-sequoia-0:1.7. 100% | 263.0 MiB/s | 2.4 MiB | 00m00s [133/215] Installing rpm-libs-0:4.20.0- 100% | 236.9 MiB/s | 727.7 KiB | 00m00s [134/215] Installing rpm-build-libs-0:4 100% | 202.6 MiB/s | 207.5 KiB | 00m00s [135/215] Installing perl-Digest-0:1.20 100% | 36.2 MiB/s | 37.1 KiB | 00m00s [136/215] Installing perl-B-0:1.89-512. 100% | 163.2 MiB/s | 501.3 KiB | 00m00s [137/215] Installing perl-FileHandle-0: 100% | 0.0 B/s | 9.8 KiB | 00m00s [138/215] Installing perl-Digest-MD5-0: 100% | 60.2 MiB/s | 61.7 KiB | 00m00s [139/215] Installing perl-MIME-Base32-0 100% | 31.4 MiB/s | 32.2 KiB | 00m00s [140/215] Installing perl-Data-Dumper-0 100% | 110.9 MiB/s | 113.6 KiB | 00m00s [141/215] Installing perl-libnet-0:3.15 100% | 95.9 MiB/s | 294.7 KiB | 00m00s [142/215] Installing perl-AutoLoader-0: 100% | 0.0 B/s | 20.9 KiB | 00m00s [143/215] Installing perl-IO-Socket-IP- 100% | 98.1 MiB/s | 100.5 KiB | 00m00s [144/215] Installing perl-URI-0:5.31-1. 100% | 52.7 MiB/s | 269.6 KiB | 00m00s [145/215] Installing perl-Time-Local-2: 100% | 68.9 MiB/s | 70.6 KiB | 00m00s [146/215] Installing perl-File-Path-0:2 100% | 63.0 MiB/s | 64.5 KiB | 00m00s [147/215] Installing perl-Pod-Escapes-1 100% | 25.3 MiB/s | 25.9 KiB | 00m00s [148/215] Installing perl-Text-Tabs+Wra 100% | 23.3 MiB/s | 23.9 KiB | 00m00s [149/215] Installing perl-if-0:0.61.000 100% | 0.0 B/s | 6.2 KiB | 00m00s [150/215] Installing perl-locale-0:1.12 100% | 6.7 MiB/s | 6.9 KiB | 00m00s [151/215] Installing perl-Net-SSLeay-0: 100% | 151.4 MiB/s | 1.4 MiB | 00m00s [152/215] Installing perl-IO-Socket-SSL 100% | 172.7 MiB/s | 707.4 KiB | 00m00s [153/215] Installing perl-Class-Struct- 100% | 25.3 MiB/s | 25.9 KiB | 00m00s [154/215] Installing perl-Term-ANSIColo 100% | 96.9 MiB/s | 99.2 KiB | 00m00s [155/215] Installing perl-Term-Cap-0:1. 100% | 29.9 MiB/s | 30.6 KiB | 00m00s [156/215] Installing perl-File-Temp-1:0 100% | 160.2 MiB/s | 164.1 KiB | 00m00s [157/215] Installing perl-IPC-Open3-0:1 100% | 22.7 MiB/s | 23.3 KiB | 00m00s [158/215] Installing perl-POSIX-0:2.20- 100% | 115.4 MiB/s | 236.4 KiB | 00m00s [159/215] Installing perl-HTTP-Tiny-0:0 100% | 76.4 MiB/s | 156.4 KiB | 00m00s [160/215] Installing perl-Pod-Simple-1: 100% | 139.3 MiB/s | 570.5 KiB | 00m00s [161/215] Installing perl-Socket-4:2.03 100% | 61.6 MiB/s | 126.1 KiB | 00m00s [162/215] Installing perl-SelectSaver-0 100% | 2.5 MiB/s | 2.6 KiB | 00m00s [163/215] Installing perl-Symbol-0:1.09 100% | 0.0 B/s | 7.2 KiB | 00m00s [164/215] Installing perl-File-stat-0:1 100% | 12.7 MiB/s | 13.1 KiB | 00m00s [165/215] Installing perl-podlators-1:6 100% | 157.0 MiB/s | 321.4 KiB | 00m00s [166/215] Installing perl-Pod-Perldoc-0 100% | 82.6 MiB/s | 169.3 KiB | 00m00s [167/215] Installing perl-mro-0:1.29-51 100% | 45.6 MiB/s | 46.7 KiB | 00m00s [168/215] Installing perl-overloading-0 100% | 0.0 B/s | 5.5 KiB | 00m00s [169/215] Installing perl-Fcntl-0:1.18- 100% | 48.9 MiB/s | 50.1 KiB | 00m00s [170/215] Installing perl-Text-ParseWor 100% | 14.2 MiB/s | 14.6 KiB | 00m00s [171/215] Installing perl-base-0:2.27-5 100% | 12.6 MiB/s | 12.9 KiB | 00m00s [172/215] Installing perl-IO-0:1.55-512 100% | 75.8 MiB/s | 155.2 KiB | 00m00s [173/215] Installing perl-Pod-Usage-4:2 100% | 84.3 MiB/s | 86.3 KiB | 00m00s [174/215] Installing perl-Errno-0:1.38- 100% | 0.0 B/s | 8.8 KiB | 00m00s [175/215] Installing perl-Scalar-List-U 100% | 49.7 MiB/s | 152.6 KiB | 00m00s [176/215] Installing perl-constant-0:1. 100% | 26.7 MiB/s | 27.4 KiB | 00m00s [177/215] Installing perl-File-Basename 100% | 0.0 B/s | 14.6 KiB | 00m00s [178/215] Installing perl-Getopt-Std-0: 100% | 0.0 B/s | 11.7 KiB | 00m00s [179/215] Installing perl-MIME-Base64-0 100% | 47.2 MiB/s | 48.4 KiB | 00m00s [180/215] Installing perl-parent-1:0.24 100% | 10.5 MiB/s | 10.7 KiB | 00m00s [181/215] Installing perl-vars-0:1.05-5 100% | 0.0 B/s | 4.3 KiB | 00m00s [182/215] Installing perl-overload-0:1. 100% | 70.3 MiB/s | 71.9 KiB | 00m00s [183/215] Installing perl-Storable-1:3. 100% | 114.3 MiB/s | 234.0 KiB | 00m00s [184/215] Installing perl-Getopt-Long-1 100% | 71.9 MiB/s | 147.2 KiB | 00m00s [185/215] Installing perl-Carp-0:1.54-5 100% | 46.6 MiB/s | 47.7 KiB | 00m00s [186/215] Installing perl-Exporter-0:5. 100% | 54.3 MiB/s | 55.6 KiB | 00m00s [187/215] Installing perl-PathTools-0:3 100% | 90.1 MiB/s | 184.6 KiB | 00m00s [188/215] Installing perl-DynaLoader-0: 100% | 31.7 MiB/s | 32.5 KiB | 00m00s [189/215] Installing perl-Encode-4:3.21 100% | 248.3 MiB/s | 4.7 MiB | 00m00s [190/215] Installing perl-libs-4:5.40.0 100% | 158.4 MiB/s | 10.0 MiB | 00m00s [191/215] Installing perl-interpreter-4 100% | 60.5 MiB/s | 124.0 KiB | 00m00s [192/215] Installing libevent-0:2.1.12- 100% | 219.6 MiB/s | 899.5 KiB | 00m00s [193/215] Installing openldap-0:2.6.8-5 100% | 158.2 MiB/s | 648.0 KiB | 00m00s [194/215] Installing libcurl-0:8.10.1-2 100% | 74.5 MiB/s | 839.5 KiB | 00m00s [195/215] Installing elfutils-debuginfo 100% | 40.3 MiB/s | 82.6 KiB | 00m00s [196/215] Installing binutils-0:2.43.50 100% | 279.5 MiB/s | 28.5 MiB | 00m00s [197/215] Installing elfutils-0:0.192-6 100% | 220.4 MiB/s | 2.6 MiB | 00m00s [198/215] Installing gdb-minimal-0:15.2 100% | 309.4 MiB/s | 13.0 MiB | 00m00s [199/215] Installing debugedit-0:5.1-1. 100% | 95.4 MiB/s | 195.4 KiB | 00m00s [200/215] Installing curl-0:8.10.1-2.fc 100% | 23.4 MiB/s | 455.8 KiB | 00m00s [201/215] Installing rpm-0:4.20.0-1.fc4 100% | 92.8 MiB/s | 2.5 MiB | 00m00s [202/215] Installing efi-srpm-macros-0: 100% | 40.2 MiB/s | 41.2 KiB | 00m00s [203/215] Installing lua-srpm-macros-0: 100% | 0.0 B/s | 1.9 KiB | 00m00s [204/215] Installing zig-srpm-macros-0: 100% | 0.0 B/s | 1.7 KiB | 00m00s [205/215] Installing fonts-srpm-macros- 100% | 55.7 MiB/s | 57.0 KiB | 00m00s [206/215] Installing forge-srpm-macros- 100% | 39.3 MiB/s | 40.3 KiB | 00m00s [207/215] Installing go-srpm-macros-0:3 100% | 60.5 MiB/s | 62.0 KiB | 00m00s [208/215] Installing python-srpm-macros 100% | 50.9 MiB/s | 52.2 KiB | 00m00s [209/215] Installing redhat-rpm-config- 100% | 62.9 MiB/s | 193.2 KiB | 00m00s [210/215] Installing rpm-build-0:4.20.0 100% | 49.5 MiB/s | 202.9 KiB | 00m00s [211/215] Installing pyproject-srpm-mac 100% | 2.4 MiB/s | 2.5 KiB | 00m00s [212/215] Installing util-linux-0:2.40. 100% | 92.9 MiB/s | 3.7 MiB | 00m00s [213/215] Installing authselect-0:1.5.0 100% | 39.5 MiB/s | 161.9 KiB | 00m00s [214/215] Installing which-0:2.21-42.fc 100% | 80.5 MiB/s | 82.4 KiB | 00m00s [215/215] Installing info-0:7.1.1-2.fc4 100% | 137.0 KiB/s | 362.2 KiB | 00m03s Warning: skipped PGP checks for 213 packages from repositories: copr_base, http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch Complete! Finish: installing minimal buildroot with dnf5 Start: creating root cache Finish: creating root cache Finish: chroot init INFO: Installed packages: INFO: add-determinism-0.4.3-1.fc42.x86_64 alternatives-1.30-1.fc41.x86_64 ansible-srpm-macros-1-16.fc41.noarch audit-libs-4.0.2-1.fc41.x86_64 authselect-1.5.0-8.fc42.x86_64 authselect-libs-1.5.0-8.fc42.x86_64 basesystem-11-21.fc41.noarch bash-5.2.37-1.fc42.x86_64 binutils-2.43.50-7.fc42.x86_64 build-reproducibility-srpm-macros-0.4.3-1.fc42.noarch bzip2-1.0.8-19.fc41.x86_64 bzip2-libs-1.0.8-19.fc41.x86_64 ca-certificates-2024.2.69_v8.0.401-2.fc42.noarch coreutils-9.5-11.fc42.x86_64 coreutils-common-9.5-11.fc42.x86_64 cpio-2.15-2.fc41.x86_64 cracklib-2.9.11-6.fc41.x86_64 crypto-policies-20241106-1.git35892de.fc42.noarch curl-8.10.1-2.fc42.x86_64 cyrus-sasl-lib-2.1.28-27.fc41.x86_64 debugedit-5.1-1.fc42.x86_64 diffutils-3.10-8.fc41.x86_64 dwz-0.15-8.fc42.x86_64 ed-1.20.2-2.fc41.x86_64 efi-srpm-macros-5-12.fc41.noarch elfutils-0.192-6.fc42.x86_64 elfutils-debuginfod-client-0.192-6.fc42.x86_64 elfutils-default-yama-scope-0.192-6.fc42.noarch elfutils-libelf-0.192-6.fc42.x86_64 elfutils-libs-0.192-6.fc42.x86_64 fedora-gpg-keys-42-0.3.noarch fedora-release-42-0.8.noarch fedora-release-common-42-0.8.noarch fedora-release-identity-basic-42-0.8.noarch fedora-repos-42-0.3.noarch fedora-repos-rawhide-42-0.3.noarch file-5.45-7.fc41.x86_64 file-libs-5.45-7.fc41.x86_64 filesystem-3.18-29.fc42.x86_64 findutils-4.10.0-4.fc41.x86_64 fonts-srpm-macros-2.0.5-17.fc41.noarch forge-srpm-macros-0.4.0-1.fc42.noarch fpc-srpm-macros-1.3-13.fc41.noarch gawk-5.3.0-4.fc41.x86_64 gdb-minimal-15.2-3.fc42.x86_64 gdbm-1.23-7.fc41.x86_64 gdbm-libs-1.23-7.fc41.x86_64 ghc-srpm-macros-1.9.2-1.fc42.noarch glibc-2.40.9000-18.fc42.x86_64 glibc-common-2.40.9000-18.fc42.x86_64 glibc-gconv-extra-2.40.9000-18.fc42.x86_64 glibc-minimal-langpack-2.40.9000-18.fc42.x86_64 gmp-6.3.0-2.fc41.x86_64 gnat-srpm-macros-6-6.fc41.noarch go-srpm-macros-3.6.0-3.fc41.noarch grep-3.11-9.fc41.x86_64 groff-base-1.23.0-7.fc41.x86_64 gzip-1.13-2.fc41.x86_64 info-7.1.1-2.fc42.x86_64 jansson-2.14-1.fc42.x86_64 json-c-0.18-1.fc42.x86_64 kernel-srpm-macros-1.0-24.fc41.noarch keyutils-libs-1.6.3-4.fc41.x86_64 krb5-libs-1.21.3-3.fc42.x86_64 libacl-2.3.2-2.fc41.x86_64 libarchive-3.7.7-1.fc42.x86_64 libattr-2.5.2-4.fc41.x86_64 libblkid-2.40.2-8.fc42.x86_64 libbrotli-1.1.0-5.fc41.x86_64 libcap-2.71-1.fc42.x86_64 libcap-ng-0.8.5-3.fc41.x86_64 libcom_err-1.47.1-6.fc42.x86_64 libcurl-8.10.1-2.fc42.x86_64 libeconf-0.7.4-3.fc42.x86_64 libevent-2.1.12-14.fc41.x86_64 libfdisk-2.40.2-8.fc42.x86_64 libffi-3.4.6-3.fc42.x86_64 libgcc-14.2.1-6.fc42.x86_64 libgomp-14.2.1-6.fc42.x86_64 libidn2-2.3.7-2.fc41.x86_64 libmount-2.40.2-8.fc42.x86_64 libnghttp2-1.64.0-1.fc42.x86_64 libnsl2-2.0.1-2.fc41.x86_64 libpkgconf-2.3.0-1.fc42.x86_64 libpsl-0.21.5-4.fc41.x86_64 libpwquality-1.4.5-11.fc41.x86_64 libselinux-3.7-6.fc42.x86_64 libsemanage-3.7-3.fc42.x86_64 libsepol-3.7-3.fc42.x86_64 libsmartcols-2.40.2-8.fc42.x86_64 libssh-0.11.1-1.fc42.x86_64 libssh-config-0.11.1-1.fc42.noarch libstdc++-14.2.1-6.fc42.x86_64 libtasn1-4.19.0-9.fc41.x86_64 libtirpc-1.3.6-1.fc42.x86_64 libtool-ltdl-2.4.7-12.fc41.x86_64 libunistring-1.1-8.fc41.x86_64 libuuid-2.40.2-8.fc42.x86_64 libverto-0.3.2-9.fc41.x86_64 libxcrypt-4.4.36-10.fc42.x86_64 libxml2-2.12.8-2.fc41.x86_64 libzstd-1.5.6-2.fc41.x86_64 lua-libs-5.4.7-1.fc42.x86_64 lua-srpm-macros-1-14.fc41.noarch lz4-libs-1.10.0-1.fc41.x86_64 mpfr-4.2.1-5.fc41.x86_64 ncurses-6.5-2.20240629.fc41.x86_64 ncurses-base-6.5-2.20240629.fc41.noarch ncurses-libs-6.5-2.20240629.fc41.x86_64 ocaml-srpm-macros-10-3.fc41.noarch openblas-srpm-macros-2-18.fc41.noarch openldap-2.6.8-5.fc41.x86_64 openssl-libs-3.2.2-8.fc42.x86_64 p11-kit-0.25.5-4.fc42.x86_64 p11-kit-trust-0.25.5-4.fc42.x86_64 package-notes-srpm-macros-0.5-12.fc41.noarch pam-1.7.0-2.fc42.x86_64 pam-libs-1.7.0-2.fc42.x86_64 patch-2.7.6-25.fc41.x86_64 pcre2-10.44-1.fc41.1.x86_64 pcre2-syntax-10.44-1.fc41.1.noarch perl-AutoLoader-5.74-512.fc42.noarch perl-B-1.89-512.fc42.x86_64 perl-Carp-1.54-511.fc41.noarch perl-Class-Struct-0.68-512.fc42.noarch perl-Data-Dumper-2.189-512.fc41.x86_64 perl-Digest-1.20-511.fc41.noarch perl-Digest-MD5-2.59-5.fc41.x86_64 perl-DynaLoader-1.56-512.fc42.x86_64 perl-Encode-3.21-511.fc41.x86_64 perl-Errno-1.38-512.fc42.x86_64 perl-Exporter-5.78-511.fc41.noarch perl-Fcntl-1.18-512.fc42.x86_64 perl-File-Basename-2.86-512.fc42.noarch perl-File-Path-2.18-511.fc41.noarch perl-File-Temp-0.231.100-511.fc41.noarch perl-File-stat-1.14-512.fc42.noarch perl-FileHandle-2.05-512.fc42.noarch perl-Getopt-Long-2.58-2.fc41.noarch perl-Getopt-Std-1.14-512.fc42.noarch perl-HTTP-Tiny-0.090-1.fc42.noarch perl-IO-1.55-512.fc42.x86_64 perl-IO-Socket-IP-0.42-512.fc41.noarch perl-IO-Socket-SSL-2.089-1.fc42.noarch perl-IPC-Open3-1.22-512.fc42.noarch perl-MIME-Base32-1.303-21.fc41.noarch perl-MIME-Base64-3.16-511.fc41.x86_64 perl-Net-SSLeay-1.94-7.fc41.x86_64 perl-POSIX-2.20-512.fc42.x86_64 perl-PathTools-3.91-511.fc41.x86_64 perl-Pod-Escapes-1.07-511.fc41.noarch perl-Pod-Perldoc-3.28.01-512.fc41.noarch perl-Pod-Simple-3.45-511.fc41.noarch perl-Pod-Usage-2.03-511.fc41.noarch perl-Scalar-List-Utils-1.68-1.fc42.x86_64 perl-SelectSaver-1.02-512.fc42.noarch perl-Socket-2.038-511.fc41.x86_64 perl-Storable-3.32-511.fc41.x86_64 perl-Symbol-1.09-512.fc42.noarch perl-Term-ANSIColor-5.01-512.fc41.noarch perl-Term-Cap-1.18-511.fc41.noarch perl-Text-ParseWords-3.31-511.fc41.noarch perl-Text-Tabs+Wrap-2024.001-511.fc41.noarch perl-Time-Local-1.350-511.fc41.noarch perl-URI-5.31-1.fc42.noarch perl-base-2.27-512.fc42.noarch perl-constant-1.33-512.fc41.noarch perl-if-0.61.000-512.fc42.noarch perl-interpreter-5.40.0-512.fc42.x86_64 perl-libnet-3.15-512.fc41.noarch perl-libs-5.40.0-512.fc42.x86_64 perl-locale-1.12-512.fc42.noarch perl-mro-1.29-512.fc42.x86_64 perl-overload-1.37-512.fc42.noarch perl-overloading-0.02-512.fc42.noarch perl-parent-0.242-1.fc42.noarch perl-podlators-6.0.2-2.fc41.noarch perl-srpm-macros-1-56.fc41.noarch perl-vars-1.05-512.fc42.noarch pkgconf-2.3.0-1.fc42.x86_64 pkgconf-m4-2.3.0-1.fc42.noarch pkgconf-pkg-config-2.3.0-1.fc42.x86_64 popt-1.19-7.fc41.x86_64 publicsuffix-list-dafsa-20240107-4.fc41.noarch pyproject-srpm-macros-1.16.2-1.fc42.noarch python-srpm-macros-3.13-3.fc41.noarch qt5-srpm-macros-5.15.15-1.fc42.noarch qt6-srpm-macros-6.8.0-1.fc42.noarch readline-8.2-11.fc42.x86_64 redhat-rpm-config-296-1.fc42.noarch rpm-4.20.0-1.fc42.x86_64 rpm-build-4.20.0-1.fc42.x86_64 rpm-build-libs-4.20.0-1.fc42.x86_64 rpm-libs-4.20.0-1.fc42.x86_64 rpm-sequoia-1.7.0-2.fc41.x86_64 rust-srpm-macros-26.3-3.fc42.noarch sed-4.9-3.fc41.x86_64 setup-2.15.0-5.fc41.noarch shadow-utils-4.16.0-7.fc42.x86_64 sqlite-libs-3.47.0-1.fc42.x86_64 systemd-libs-257~rc1-2.fc42.x86_64 tar-1.35-4.fc41.x86_64 unzip-6.0-64.fc41.x86_64 util-linux-2.40.2-8.fc42.x86_64 util-linux-core-2.40.2-8.fc42.x86_64 which-2.21-42.fc41.x86_64 xxhash-libs-0.8.2-4.fc42.x86_64 xz-5.6.3-2.fc42.x86_64 xz-libs-5.6.3-2.fc42.x86_64 zig-srpm-macros-1-3.fc41.noarch zip-3.0-41.fc41.x86_64 zlib-ng-compat-2.2.2-1.fc42.x86_64 zstd-1.5.6-2.fc41.x86_64 Start: buildsrpm Start: rpmbuild -bs Building target platforms: x86_64 Building for target x86_64 setting SOURCE_DATE_EPOCH=1721347200 Wrote: /builddir/build/SRPMS/python-pysaml2-7.4.2-6.fc42.src.rpm Finish: rpmbuild -bs INFO: chroot_scan: 1 files copied to /var/lib/copr-rpmbuild/results/chroot_scan INFO: /var/lib/mock/fedora-rawhide-x86_64-1731577445.236555/root/var/log/dnf5.log INFO: chroot_scan: creating tarball /var/lib/copr-rpmbuild/results/chroot_scan.tar.gz /bin/tar: Removing leading `/' from member names Finish: buildsrpm INFO: Done(/var/lib/copr-rpmbuild/workspace/workdir-rj7kgvy0/python-pysaml2/python-pysaml2.spec) Config(child) 0 minutes 21 seconds INFO: Results and/or logs in: /var/lib/copr-rpmbuild/results INFO: Cleaning up build root ('cleanup_on_success=True') Start: clean chroot INFO: unmounting tmpfs. Finish: clean chroot INFO: Start(/var/lib/copr-rpmbuild/results/python-pysaml2-7.4.2-6.fc42.src.rpm) Config(fedora-rawhide-x86_64) Start(bootstrap): chroot init INFO: mounting tmpfs at /var/lib/mock/fedora-rawhide-x86_64-bootstrap-1731577445.236555/root. INFO: reusing tmpfs at /var/lib/mock/fedora-rawhide-x86_64-bootstrap-1731577445.236555/root. INFO: calling preinit hooks INFO: enabled root cache INFO: enabled package manager cache Start(bootstrap): cleaning package manager metadata Finish(bootstrap): cleaning package manager metadata Finish(bootstrap): chroot init Start: chroot init INFO: mounting tmpfs at /var/lib/mock/fedora-rawhide-x86_64-1731577445.236555/root. INFO: calling preinit hooks INFO: enabled root cache Start: unpacking root cache Finish: unpacking root cache INFO: enabled package manager cache Start: cleaning package manager metadata Finish: cleaning package manager metadata INFO: enabled HW Info plugin INFO: Buildroot is handled by package management downloaded with a bootstrap image: rpm-4.20.0-1.fc42.x86_64 rpm-sequoia-1.7.0-2.fc41.x86_64 dnf5-5.2.7.0-1.fc42.x86_64 dnf5-plugins-5.2.7.0-1.fc42.x86_64 Finish: chroot init Start: build phase for python-pysaml2-7.4.2-6.fc42.src.rpm Start: build setup for python-pysaml2-7.4.2-6.fc42.src.rpm Building target platforms: x86_64 Building for target x86_64 setting SOURCE_DATE_EPOCH=1721347200 Wrote: /builddir/build/SRPMS/python-pysaml2-7.4.2-6.fc42.src.rpm Updating and loading repositories: fedora 100% | 837.4 KiB/s | 27.6 KiB | 00m00s Additional repo http_kojipkgs_fedorapr 100% | 64.9 KiB/s | 3.8 KiB | 00m00s Copr repository 100% | 28.4 KiB/s | 1.5 KiB | 00m00s Repositories loaded. Package Arch Version Repository Size Installing: git-core x86_64 2.47.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 22.6 MiB pyproject-rpm-macros noarch 1.16.2-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 113.8 KiB python3-devel x86_64 3.13.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.8 MiB python3-pymongo x86_64 4.2.0-8.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.5 MiB python3-pytest noarch 8.3.3-3.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 20.8 MiB python3-responses noarch 0.25.3-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 288.6 KiB python3-sphinx noarch 1:8.1.3-1.fc42 copr_base 11.1 MiB xmlsec1 x86_64 1:1.2.39-4.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 551.3 KiB xmlsec1-openssl x86_64 1:1.2.39-4.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 277.1 KiB Installing dependencies: expat x86_64 2.6.4-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 285.5 KiB less x86_64 668-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 406.4 KiB libb2 x86_64 0.98.1-12.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 42.2 KiB libcbor x86_64 0.11.0-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 73.9 KiB libedit x86_64 3.1-53.20240808cvs.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 244.1 KiB libfido2 x86_64 1.15.0-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 238.2 KiB libxslt x86_64 1.1.42-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 483.1 KiB libyaml x86_64 0.2.5-15.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 134.4 KiB mpdecimal x86_64 2.5.1-16.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 204.9 KiB openssh x86_64 9.9p1-5.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.4 MiB openssh-clients x86_64 9.9p1-5.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.7 MiB python-pip-wheel noarch 24.3.1-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.2 MiB python-rpm-macros noarch 3.13-3.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 22.1 KiB python3 x86_64 3.13.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 31.8 KiB python3-babel noarch 2.16.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 28.3 MiB python3-bson x86_64 4.2.0-8.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 470.1 KiB python3-charset-normalizer noarch 3.4.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 319.9 KiB python3-docutils noarch 0.21.2-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 4.9 MiB python3-idna noarch 3.9-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 639.8 KiB python3-imagesize noarch 1.4.1-9.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 35.3 KiB python3-iniconfig noarch 1.1.1-23.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 20.6 KiB python3-jinja2 noarch 3.1.4-5.fc42 copr_base 2.9 MiB python3-libs x86_64 3.13.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 40.4 MiB python3-markupsafe x86_64 3.0.2-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 56.1 KiB python3-packaging noarch 24.2-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 555.7 KiB python3-pluggy noarch 1.5.0-1.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 193.2 KiB python3-pygments noarch 2.18.0-3.fc42 copr_base 10.6 MiB python3-pyyaml x86_64 6.0.1-18.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 791.1 KiB python3-requests noarch 2.32.3-3.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 485.9 KiB python3-rpm-generators noarch 14-11.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 81.7 KiB python3-rpm-macros noarch 3.13-3.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 6.4 KiB python3-snowballstemmer noarch 2.2.0-13.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.7 MiB python3-sphinx-theme-alabaster noarch 0.7.16-6.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 41.9 KiB python3-urllib3 noarch 2.2.3-3.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.0 MiB tzdata noarch 2024a-9.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.7 MiB Transaction Summary: Installing: 44 packages Total size of inbound packages is 35 MiB. Need to download 974 KiB. After this operation, 163 MiB extra will be used (install 163 MiB, remove 0 B). [1/1] git-core-0:2.47.0-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [1/1] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/2] pyproject-rpm-macros-0:1.16.2-1.f 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [2/2] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/3] python3-devel-0:3.13.0-1.fc42.x86 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded -------------------------------------------------------------------------------- [3/3] Total 100% | 0.0 B/s | 0.0 B | 00m00s [1/6] python3-sphinx-1:8.1.3-1.fc42.noa 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [2/9] python3-pytest-0:8.3.3-3.fc42.noa 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 3/10] python3-0:3.13.0-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 4/11] python3-babel-0:2.16.0-1.fc42.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 5/12] python3-docutils-0:0.21.2-1.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 6/13] python3-imagesize-0:1.4.1-9.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 7/14] python3-jinja2-0:3.1.4-5.fc42.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 8/15] python3-packaging-0:24.2-2.fc42 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [ 9/16] python3-pygments-0:2.18.0-3.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [10/17] python3-requests-0:2.32.3-3.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [11/18] python3-snowballstemmer-0:2.2.0 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [12/19] python3-sphinx-theme-alabaster- 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [13/20] python3-markupsafe-0:3.0.2-1.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [14/21] libxslt-0:1.1.42-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [15/22] python3-pyyaml-0:6.0.1-18.fc41. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [16/23] python3-urllib3-0:2.2.3-3.fc42. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [17/24] python3-charset-normalizer-0:3. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [18/25] python3-idna-0:3.9-1.fc42.noarc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [19/26] libyaml-0:0.2.5-15.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [20/27] python3-iniconfig-0:1.1.1-23.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [21/28] python3-pluggy-0:1.5.0-1.fc41.n 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [22/30] python3-libs-0:3.13.0-1.fc42.x8 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [23/31] python-rpm-macros-0:3.13-3.fc41 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [24/32] python3-rpm-macros-0:3.13-3.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [25/33] expat-0:2.6.4-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [26/34] less-0:668-1.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [27/35] openssh-clients-0:9.9p1-5.fc42. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [28/36] libb2-0:0.98.1-12.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [29/37] mpdecimal-0:2.5.1-16.fc41.x86_6 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [30/38] python-pip-wheel-0:24.3.1-1.fc4 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [31/39] tzdata-0:2024a-9.fc41.noarch 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [32/40] libedit-0:3.1-53.20240808cvs.fc 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [33/41] libfido2-0:1.15.0-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [34/42] openssh-0:9.9p1-5.fc42.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [35/43] libcbor-0:0.11.0-2.fc41.x86_64 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [36/44] python3-rpm-generators-0:14-11. 100% | 0.0 B/s | 0.0 B | 00m00s >>> Already downloaded [37/44] python3-responses-0:0.25.3-2.fc 100% | 947.6 KiB/s | 68.2 KiB | 00m00s [38/44] xmlsec1-1:1.2.39-4.fc41.x86_64 100% | 2.0 MiB/s | 185.1 KiB | 00m00s [39/44] xmlsec1-openssl-1:1.2.39-4.fc41 100% | 3.0 MiB/s | 91.3 KiB | 00m00s [40/44] python3-pymongo-0:4.2.0-8.fc41. 100% | 4.3 MiB/s | 494.2 KiB | 00m00s [41/44] python3-bson-0:4.2.0-8.fc41.x86 100% | 5.5 MiB/s | 135.1 KiB | 00m00s -------------------------------------------------------------------------------- [44/44] Total 100% | 0.0 B/s | 0.0 B | 00m00s Running transaction [ 1/46] Verify package files 100% | 360.0 B/s | 44.0 B | 00m00s [ 2/46] Prepare transaction 100% | 478.0 B/s | 44.0 B | 00m00s [ 3/46] Installing python-rpm-macros-0: 100% | 22.3 MiB/s | 22.8 KiB | 00m00s [ 4/46] Installing python3-rpm-macros-0 100% | 0.0 B/s | 6.7 KiB | 00m00s [ 5/46] Installing expat-0:2.6.4-1.fc42 100% | 140.4 MiB/s | 287.6 KiB | 00m00s [ 6/46] Installing libxslt-0:1.1.42-2.f 100% | 158.3 MiB/s | 486.2 KiB | 00m00s [ 7/46] Installing xmlsec1-1:1.2.39-4.f 100% | 180.2 MiB/s | 553.4 KiB | 00m00s [ 8/46] Installing pyproject-rpm-macros 100% | 113.0 MiB/s | 115.7 KiB | 00m00s [ 9/46] Installing libcbor-0:0.11.0-2.f 100% | 73.5 MiB/s | 75.3 KiB | 00m00s [10/46] Installing libfido2-0:1.15.0-2. 100% | 117.1 MiB/s | 239.7 KiB | 00m00s [11/46] Installing openssh-0:9.9p1-5.fc 100% | 275.9 MiB/s | 1.4 MiB | 00m00s [12/46] Installing libedit-0:3.1-53.202 100% | 120.0 MiB/s | 245.8 KiB | 00m00s [13/46] Installing openssh-clients-0:9. 100% | 115.6 MiB/s | 2.7 MiB | 00m00s [14/46] Installing tzdata-0:2024a-9.fc4 100% | 27.7 MiB/s | 1.9 MiB | 00m00s [15/46] Installing python-pip-wheel-0:2 100% | 414.7 MiB/s | 1.2 MiB | 00m00s [16/46] Installing mpdecimal-0:2.5.1-16 100% | 201.2 MiB/s | 206.0 KiB | 00m00s [17/46] Installing libb2-0:0.98.1-12.fc 100% | 10.6 MiB/s | 43.3 KiB | 00m00s [18/46] Installing python3-libs-0:3.13. 100% | 202.6 MiB/s | 40.7 MiB | 00m00s [19/46] Installing python3-0:3.13.0-1.f 100% | 32.8 MiB/s | 33.5 KiB | 00m00s [20/46] Installing python3-packaging-0: 100% | 110.9 MiB/s | 568.0 KiB | 00m00s [21/46] Installing python3-idna-0:3.9-1 100% | 157.7 MiB/s | 646.1 KiB | 00m00s [22/46] Installing python3-urllib3-0:2. 100% | 111.3 MiB/s | 1.0 MiB | 00m00s [23/46] Installing python3-rpm-generato 100% | 27.0 MiB/s | 82.9 KiB | 00m00s [24/46] Installing python3-babel-0:2.16 100% | 229.9 MiB/s | 28.5 MiB | 00m00s [25/46] Installing python3-docutils-0:0 100% | 144.2 MiB/s | 5.0 MiB | 00m00s [26/46] Installing python3-imagesize-0: 100% | 12.5 MiB/s | 38.3 KiB | 00m00s [27/46] Installing python3-pygments-0:2 100% | 174.6 MiB/s | 10.8 MiB | 00m00s [28/46] Installing python3-snowballstem 100% | 193.8 MiB/s | 1.7 MiB | 00m00s [29/46] Installing python3-sphinx-theme 100% | 22.7 MiB/s | 46.4 KiB | 00m00s [30/46] Installing python3-markupsafe-0 100% | 29.4 MiB/s | 60.2 KiB | 00m00s [31/46] Installing python3-jinja2-0:3.1 100% | 223.1 MiB/s | 2.9 MiB | 00m00s [32/46] Installing python3-charset-norm 100% | 80.5 MiB/s | 329.8 KiB | 00m00s [33/46] Installing python3-requests-0:2 100% | 97.3 MiB/s | 498.0 KiB | 00m00s [34/46] Installing python3-iniconfig-0: 100% | 11.5 MiB/s | 23.6 KiB | 00m00s [35/46] Installing python3-pluggy-0:1.5 100% | 64.9 MiB/s | 199.4 KiB | 00m00s [36/46] Installing python3-bson-0:4.2.0 100% | 117.6 MiB/s | 481.8 KiB | 00m00s [37/46] Installing less-0:668-1.fc42.x8 100% | 133.4 MiB/s | 409.7 KiB | 00m00s [38/46] Installing libyaml-0:0.2.5-15.f 100% | 132.6 MiB/s | 135.8 KiB | 00m00s [39/46] Installing python3-pyyaml-0:6.0 100% | 131.0 MiB/s | 804.9 KiB | 00m00s [40/46] Installing python3-responses-0: 100% | 95.3 MiB/s | 292.8 KiB | 00m00s [41/46] Installing git-core-0:2.47.0-1. 100% | 333.0 MiB/s | 22.6 MiB | 00m00s [42/46] Installing python3-pymongo-0:4. 100% | 171.7 MiB/s | 2.6 MiB | 00m00s [43/46] Installing python3-pytest-0:8.3 100% | 265.3 MiB/s | 21.0 MiB | 00m00s [44/46] Installing python3-sphinx-1:8.1 100% | 127.3 MiB/s | 11.3 MiB | 00m00s [45/46] Installing python3-devel-0:3.13 100% | 106.7 MiB/s | 1.8 MiB | 00m00s [46/46] Installing xmlsec1-openssl-1:1. 100% | 6.6 MiB/s | 278.1 KiB | 00m00s Warning: skipped PGP checks for 44 packages from repositories: copr_base, http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch Complete! Finish: build setup for python-pysaml2-7.4.2-6.fc42.src.rpm Start: rpmbuild python-pysaml2-7.4.2-6.fc42.src.rpm Building target platforms: x86_64 Building for target x86_64 setting SOURCE_DATE_EPOCH=1721347200 Executing(%mkbuilddir): /bin/sh -e /var/tmp/rpm-tmp.B0fvB1 + umask 022 + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + test -d /builddir/build/BUILD/python-pysaml2-7.4.2-build + /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w /builddir/build/BUILD/python-pysaml2-7.4.2-build + /usr/bin/rm -rf /builddir/build/BUILD/python-pysaml2-7.4.2-build + /usr/bin/mkdir -p /builddir/build/BUILD/python-pysaml2-7.4.2-build + /usr/bin/mkdir -p /builddir/build/BUILD/python-pysaml2-7.4.2-build/SPECPARTS + RPM_EC=0 ++ jobs -p + exit 0 Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.a74cQ6 + umask 022 + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + rm -rf pysaml2-7.4.2 + /usr/lib/rpm/rpmuncompress -x /builddir/build/SOURCES/pysaml2-7.4.2.tar.gz + STATUS=0 + '[' 0 -ne 0 ']' + cd pysaml2-7.4.2 + /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w . + /usr/bin/git init -q + /usr/bin/git config user.name rpm-build + /usr/bin/git config user.email '' + /usr/bin/git config gc.auto 0 + /usr/bin/git add --force . + GIT_COMMITTER_DATE=@1721347200 + GIT_AUTHOR_DATE=@1721347200 + /usr/bin/git commit -q --allow-empty -a --author 'rpm-build ' -m 'python-pysaml2-7.4.2 base' + /usr/bin/git checkout --track -b rpm-build Switched to a new branch 'rpm-build' branch 'rpm-build' set up to track 'master'. + /usr/lib/rpm/rpmuncompress /builddir/build/SOURCES/0001-Remove-utility-from-packaging.patch + /usr/bin/git apply --index --reject - Checking patch pyproject.toml... Applied patch pyproject.toml cleanly. + GIT_COMMITTER_DATE=@1721347200 + GIT_AUTHOR_DATE=@1721347200 + /usr/bin/git commit -q -m 0001-Remove-utility-from-packaging.patch --author 'rpm-build ' + sed -i 's|f"""#!/usr/bin/env python|f"""|' src/saml2/tools/parse_xsd2.py + find src -name '*.py' + read source + head -n1 src/saml2/__init__.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/__init__.py src/saml2/__init__.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/__init__.py + touch --ref=src/saml2/__init__.py.ts src/saml2/__init__.py + rm src/saml2/__init__.py.ts + read source + head -n1 src/saml2/algsupport.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/argtree.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/assertion.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/assertion.py src/saml2/assertion.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/assertion.py + touch --ref=src/saml2/assertion.py.ts src/saml2/assertion.py + rm src/saml2/assertion.py.ts + read source + head -n1 src/saml2/attribute_converter.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/attribute_converter.py src/saml2/attribute_converter.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/attribute_converter.py + touch --ref=src/saml2/attribute_converter.py.ts src/saml2/attribute_converter.py + rm src/saml2/attribute_converter.py.ts + read source + head -n1 src/saml2/attribute_resolver.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/attribute_resolver.py src/saml2/attribute_resolver.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/attribute_resolver.py + touch --ref=src/saml2/attribute_resolver.py.ts src/saml2/attribute_resolver.py + rm src/saml2/attribute_resolver.py.ts + read source + head -n1 src/saml2/attributemaps/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/attributemaps/adfs_v1x.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/attributemaps/adfs_v20.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/attributemaps/basic.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/attributemaps/saml_uri.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/attributemaps/shibboleth_uri.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/authn.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/authn_context/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/authn_context/ippword.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/authn_context/ippword.py src/saml2/authn_context/ippword.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/authn_context/ippword.py + touch --ref=src/saml2/authn_context/ippword.py.ts src/saml2/authn_context/ippword.py + rm src/saml2/authn_context/ippword.py.ts + read source + head -n1 src/saml2/authn_context/mobiletwofactor.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/authn_context/mobiletwofactor.py src/saml2/authn_context/mobiletwofactor.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/authn_context/mobiletwofactor.py + touch --ref=src/saml2/authn_context/mobiletwofactor.py.ts src/saml2/authn_context/mobiletwofactor.py + rm src/saml2/authn_context/mobiletwofactor.py.ts + read source + head -n1 src/saml2/authn_context/ppt.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/authn_context/ppt.py src/saml2/authn_context/ppt.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/authn_context/ppt.py + touch --ref=src/saml2/authn_context/ppt.py.ts src/saml2/authn_context/ppt.py + rm src/saml2/authn_context/ppt.py.ts + read source + head -n1 src/saml2/authn_context/pword.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/authn_context/pword.py src/saml2/authn_context/pword.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/authn_context/pword.py + touch --ref=src/saml2/authn_context/pword.py.ts src/saml2/authn_context/pword.py + rm src/saml2/authn_context/pword.py.ts + read source + head -n1 src/saml2/authn_context/sslcert.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/authn_context/sslcert.py src/saml2/authn_context/sslcert.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/authn_context/sslcert.py + touch --ref=src/saml2/authn_context/sslcert.py.ts src/saml2/authn_context/sslcert.py + rm src/saml2/authn_context/sslcert.py.ts + read source + head -n1 src/saml2/authn_context/timesync.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/authn_context/timesync.py src/saml2/authn_context/timesync.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/authn_context/timesync.py + touch --ref=src/saml2/authn_context/timesync.py.ts src/saml2/authn_context/timesync.py + rm src/saml2/authn_context/timesync.py.ts + read source + head -n1 src/saml2/cache.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/cache.py src/saml2/cache.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/cache.py + touch --ref=src/saml2/cache.py.ts src/saml2/cache.py + rm src/saml2/cache.py.ts + read source + head -n1 src/saml2/cert.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/client.py + grep -F /usr/bin/env # !/usr/bin/env python + touch --ref=src/saml2/client.py src/saml2/client.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/client.py + touch --ref=src/saml2/client.py.ts src/saml2/client.py + rm src/saml2/client.py.ts + read source + head -n1 src/saml2/client_base.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/client_base.py src/saml2/client_base.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/client_base.py + touch --ref=src/saml2/client_base.py.ts src/saml2/client_base.py + rm src/saml2/client_base.py.ts + read source + grep -F /usr/bin/env + head -n1 src/saml2/config.py + read source + head -n1 src/saml2/country_codes.py #!/usr/bin/env python + grep -F /usr/bin/env + touch --ref=src/saml2/country_codes.py src/saml2/country_codes.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/country_codes.py + touch --ref=src/saml2/country_codes.py.ts src/saml2/country_codes.py + rm src/saml2/country_codes.py.ts + read source + head -n1 src/saml2/cryptography/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/cryptography/asymmetric.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/cryptography/errors.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/cryptography/pki.py + grep -F /usr/bin/env + read source + grep -F /usr/bin/env + head -n1 src/saml2/cryptography/symmetric.py + read source + head -n1 src/saml2/data/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/data/schemas/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/data/templates/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/discovery.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/ecp.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/ecp.py src/saml2/ecp.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/ecp.py + touch --ref=src/saml2/ecp.py.ts src/saml2/ecp.py + rm src/saml2/ecp.py.ts + read source + head -n1 src/saml2/ecp_client.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/ecp_client.py src/saml2/ecp_client.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/ecp_client.py + touch --ref=src/saml2/ecp_client.py.ts src/saml2/ecp_client.py + rm src/saml2/ecp_client.py.ts + read source + head -n1 src/saml2/entity.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/entity_category/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/entity_category/at_egov_pvp2.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/entity_category/edugain.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/entity_category/incommon.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/entity_category/refeds.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/entity_category/swamid.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/eptid.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/extension/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/extension/algsupport.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/algsupport.py src/saml2/extension/algsupport.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/algsupport.py + touch --ref=src/saml2/extension/algsupport.py.ts src/saml2/extension/algsupport.py + rm src/saml2/extension/algsupport.py.ts + read source + head -n1 src/saml2/extension/dri.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/dri.py src/saml2/extension/dri.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/dri.py + touch --ref=src/saml2/extension/dri.py.ts src/saml2/extension/dri.py + rm src/saml2/extension/dri.py.ts + read source + head -n1 src/saml2/extension/idpdisc.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/idpdisc.py src/saml2/extension/idpdisc.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/idpdisc.py + touch --ref=src/saml2/extension/idpdisc.py.ts src/saml2/extension/idpdisc.py + rm src/saml2/extension/idpdisc.py.ts + read source + head -n1 src/saml2/extension/mdattr.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/mdattr.py src/saml2/extension/mdattr.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/mdattr.py + touch --ref=src/saml2/extension/mdattr.py.ts src/saml2/extension/mdattr.py + rm src/saml2/extension/mdattr.py.ts + read source + head -n1 src/saml2/extension/mdrpi.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/mdrpi.py src/saml2/extension/mdrpi.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/mdrpi.py + touch --ref=src/saml2/extension/mdrpi.py.ts src/saml2/extension/mdrpi.py + rm src/saml2/extension/mdrpi.py.ts + read source + head -n1 src/saml2/extension/mdui.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/mdui.py src/saml2/extension/mdui.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/mdui.py + touch --ref=src/saml2/extension/mdui.py.ts src/saml2/extension/mdui.py + rm src/saml2/extension/mdui.py.ts + read source + head -n1 src/saml2/extension/pefim.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/pefim.py src/saml2/extension/pefim.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/pefim.py + touch --ref=src/saml2/extension/pefim.py.ts src/saml2/extension/pefim.py + rm src/saml2/extension/pefim.py.ts + read source + head -n1 src/saml2/extension/reqinit.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/reqinit.py src/saml2/extension/reqinit.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/reqinit.py + touch --ref=src/saml2/extension/reqinit.py.ts src/saml2/extension/reqinit.py + rm src/saml2/extension/reqinit.py.ts + read source + head -n1 src/saml2/extension/requested_attributes.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/requested_attributes.py src/saml2/extension/requested_attributes.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/requested_attributes.py + touch --ref=src/saml2/extension/requested_attributes.py.ts src/saml2/extension/requested_attributes.py + rm src/saml2/extension/requested_attributes.py.ts + read source + head -n1 src/saml2/extension/shibmd.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/shibmd.py src/saml2/extension/shibmd.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/shibmd.py + touch --ref=src/saml2/extension/shibmd.py.ts src/saml2/extension/shibmd.py + rm src/saml2/extension/shibmd.py.ts + read source + head -n1 src/saml2/extension/sp_type.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/extension/sp_type.py src/saml2/extension/sp_type.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/extension/sp_type.py + touch --ref=src/saml2/extension/sp_type.py.ts src/saml2/extension/sp_type.py + rm src/saml2/extension/sp_type.py.ts + read source + head -n1 src/saml2/filter.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/httpbase.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/httputil.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/ident.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/mcache.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/mcache.py src/saml2/mcache.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/mcache.py + touch --ref=src/saml2/mcache.py.ts src/saml2/mcache.py + rm src/saml2/mcache.py.ts + read source + head -n1 src/saml2/md.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/md.py src/saml2/md.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/md.py + touch --ref=src/saml2/md.py.ts src/saml2/md.py + rm src/saml2/md.py.ts + read source + head -n1 src/saml2/mdbcache.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/mdbcache.py src/saml2/mdbcache.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/mdbcache.py + touch --ref=src/saml2/mdbcache.py.ts src/saml2/mdbcache.py + rm src/saml2/mdbcache.py.ts + read source + head -n1 src/saml2/mdie.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/mdie.py src/saml2/mdie.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/mdie.py + touch --ref=src/saml2/mdie.py.ts src/saml2/mdie.py + rm src/saml2/mdie.py.ts + read source + head -n1 src/saml2/mdstore.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/metadata.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/metadata.py src/saml2/metadata.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/metadata.py + touch --ref=src/saml2/metadata.py.ts src/saml2/metadata.py + rm src/saml2/metadata.py.ts + read source + head -n1 src/saml2/mongo_store.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/pack.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/population.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/profile/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/profile/ecp.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/profile/ecp.py src/saml2/profile/ecp.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/profile/ecp.py + touch --ref=src/saml2/profile/ecp.py.ts src/saml2/profile/ecp.py + rm src/saml2/profile/ecp.py.ts + read source + head -n1 src/saml2/profile/paos.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/profile/paos.py src/saml2/profile/paos.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/profile/paos.py + touch --ref=src/saml2/profile/paos.py.ts src/saml2/profile/paos.py + rm src/saml2/profile/paos.py.ts + read source + head -n1 src/saml2/profile/samlec.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/request.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/response.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/response.py src/saml2/response.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/response.py + touch --ref=src/saml2/response.py.ts src/saml2/response.py + rm src/saml2/response.py.ts + read source + head -n1 src/saml2/s2repoze/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/s2repoze/plugins/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/s2repoze/plugins/challenge_decider.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/s2repoze/plugins/entitlement.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/s2repoze/plugins/entitlement.py src/saml2/s2repoze/plugins/entitlement.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/s2repoze/plugins/entitlement.py + touch --ref=src/saml2/s2repoze/plugins/entitlement.py.ts src/saml2/s2repoze/plugins/entitlement.py + rm src/saml2/s2repoze/plugins/entitlement.py.ts + read source + head -n1 src/saml2/s2repoze/plugins/formswithhidden.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/s2repoze/plugins/ini.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/s2repoze/plugins/sp.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/s_utils.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/s_utils.py src/saml2/s_utils.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/s_utils.py + touch --ref=src/saml2/s_utils.py.ts src/saml2/s_utils.py + rm src/saml2/s_utils.py.ts + read source + head -n1 src/saml2/saml.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/saml.py src/saml2/saml.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/saml.py + touch --ref=src/saml2/saml.py.ts src/saml2/saml.py + rm src/saml2/saml.py.ts + read source + head -n1 src/saml2/samlp.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/samlp.py src/saml2/samlp.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/samlp.py + touch --ref=src/saml2/samlp.py.ts src/saml2/samlp.py + rm src/saml2/samlp.py.ts + read source + head -n1 src/saml2/schema/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/schema/soap.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/schema/soap.py src/saml2/schema/soap.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/schema/soap.py + touch --ref=src/saml2/schema/soap.py.ts src/saml2/schema/soap.py + rm src/saml2/schema/soap.py.ts + read source + head -n1 src/saml2/schema/soapenv.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/schema/soapenv.py src/saml2/schema/soapenv.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/schema/soapenv.py + touch --ref=src/saml2/schema/soapenv.py.ts src/saml2/schema/soapenv.py + rm src/saml2/schema/soapenv.py.ts + read source + head -n1 src/saml2/schema/wsdl.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/schema/wsdl.py src/saml2/schema/wsdl.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/schema/wsdl.py + touch --ref=src/saml2/schema/wsdl.py.ts src/saml2/schema/wsdl.py + rm src/saml2/schema/wsdl.py.ts + read source + head -n1 src/saml2/sdb.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/server.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/server.py src/saml2/server.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/server.py + touch --ref=src/saml2/server.py.ts src/saml2/server.py + rm src/saml2/server.py.ts + read source + head -n1 src/saml2/sigver.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/soap.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/soap.py src/saml2/soap.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/soap.py + touch --ref=src/saml2/soap.py.ts src/saml2/soap.py + rm src/saml2/soap.py.ts + read source + head -n1 src/saml2/time_util.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/time_util.py src/saml2/time_util.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/time_util.py + touch --ref=src/saml2/time_util.py.ts src/saml2/time_util.py + rm src/saml2/time_util.py.ts + read source + head -n1 src/saml2/tools/make_metadata.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/tools/make_metadata.py src/saml2/tools/make_metadata.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/tools/make_metadata.py + touch --ref=src/saml2/tools/make_metadata.py.ts src/saml2/tools/make_metadata.py + rm src/saml2/tools/make_metadata.py.ts + read source + head -n1 src/saml2/tools/mdexport.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/tools/mdexport.py src/saml2/tools/mdexport.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/tools/mdexport.py + touch --ref=src/saml2/tools/mdexport.py.ts src/saml2/tools/mdexport.py + rm src/saml2/tools/mdexport.py.ts + read source + head -n1 src/saml2/tools/mdexport_test.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/tools/mdexport_test.py src/saml2/tools/mdexport_test.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/tools/mdexport_test.py + touch --ref=src/saml2/tools/mdexport_test.py.ts src/saml2/tools/mdexport_test.py + rm src/saml2/tools/mdexport_test.py.ts + read source + head -n1 src/saml2/tools/mdimport.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/tools/mdimport.py src/saml2/tools/mdimport.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/tools/mdimport.py + touch --ref=src/saml2/tools/mdimport.py.ts src/saml2/tools/mdimport.py + rm src/saml2/tools/mdimport.py.ts + read source + head -n1 src/saml2/tools/merge_metadata.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/tools/merge_metadata.py src/saml2/tools/merge_metadata.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/tools/merge_metadata.py + touch --ref=src/saml2/tools/merge_metadata.py.ts src/saml2/tools/merge_metadata.py + rm src/saml2/tools/merge_metadata.py.ts + read source + head -n1 src/saml2/tools/sync_attrmaps.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/tools/sync_attrmaps.py src/saml2/tools/sync_attrmaps.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/tools/sync_attrmaps.py + touch --ref=src/saml2/tools/sync_attrmaps.py.ts src/saml2/tools/sync_attrmaps.py + rm src/saml2/tools/sync_attrmaps.py.ts + read source + head -n1 src/saml2/tools/verify_metadata.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/tools/verify_metadata.py src/saml2/tools/verify_metadata.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/tools/verify_metadata.py + touch --ref=src/saml2/tools/verify_metadata.py.ts src/saml2/tools/verify_metadata.py + rm src/saml2/tools/verify_metadata.py.ts + read source + head -n1 src/saml2/tools/parse_xsd2.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/tools/parse_xsd2.py src/saml2/tools/parse_xsd2.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/tools/parse_xsd2.py + touch --ref=src/saml2/tools/parse_xsd2.py.ts src/saml2/tools/parse_xsd2.py + rm src/saml2/tools/parse_xsd2.py.ts + read source + head -n1 src/saml2/userinfo/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/userinfo/ldapinfo.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/validate.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/version.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/virtual_org.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/ws/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/ws/wsaddr.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/ws/wsaddr.py src/saml2/ws/wsaddr.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/ws/wsaddr.py + touch --ref=src/saml2/ws/wsaddr.py.ts src/saml2/ws/wsaddr.py + rm src/saml2/ws/wsaddr.py.ts + read source + head -n1 src/saml2/ws/wspol.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/ws/wspol.py src/saml2/ws/wspol.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/ws/wspol.py + touch --ref=src/saml2/ws/wspol.py.ts src/saml2/ws/wspol.py + rm src/saml2/ws/wspol.py.ts + read source + head -n1 src/saml2/ws/wssec.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/ws/wssec.py src/saml2/ws/wssec.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/ws/wssec.py + touch --ref=src/saml2/ws/wssec.py.ts src/saml2/ws/wssec.py + rm src/saml2/ws/wssec.py.ts + read source + head -n1 src/saml2/ws/wstrust.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/ws/wstrust.py src/saml2/ws/wstrust.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/ws/wstrust.py + touch --ref=src/saml2/ws/wstrust.py.ts src/saml2/ws/wstrust.py + rm src/saml2/ws/wstrust.py.ts + read source + head -n1 src/saml2/ws/wsutil.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/ws/wsutil.py src/saml2/ws/wsutil.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/ws/wsutil.py + touch --ref=src/saml2/ws/wsutil.py.ts src/saml2/ws/wsutil.py + rm src/saml2/ws/wsutil.py.ts + read source + head -n1 src/saml2/xml/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/xml/schema/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2/xmldsig/__init__.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/xmldsig/__init__.py src/saml2/xmldsig/__init__.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/xmldsig/__init__.py + touch --ref=src/saml2/xmldsig/__init__.py.ts src/saml2/xmldsig/__init__.py + rm src/saml2/xmldsig/__init__.py.ts + read source + head -n1 src/saml2/xmlenc/__init__.py + grep -F /usr/bin/env #!/usr/bin/env python + touch --ref=src/saml2/xmlenc/__init__.py src/saml2/xmlenc/__init__.py.ts + sed -i '/\/usr\/bin\/env python/{d;q}' src/saml2/xmlenc/__init__.py + touch --ref=src/saml2/xmlenc/__init__.py.ts src/saml2/xmlenc/__init__.py + rm src/saml2/xmlenc/__init__.py.ts + read source + head -n1 src/saml2test/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/saml2test/check.py + grep -F /usr/bin/env + read source + head -n1 src/saml2test/interaction.py + grep -F /usr/bin/env + read source + head -n1 src/saml2test/opfunc.py + grep -F /usr/bin/env + read source + grep -F /usr/bin/env + head -n1 src/saml2test/status.py + read source + head -n1 src/saml2test/tool.py + grep -F /usr/bin/env + read source + head -n1 src/utility/__init__.py + grep -F /usr/bin/env + read source + head -n1 src/utility/metadata.py + grep -F /usr/bin/env + read source + source=src/saml2/schema/wsdl.py + touch --ref=src/saml2/schema/wsdl.py src/saml2/schema/wsdl.py.ts + sed -i '1,3{d;q}' src/saml2/schema/wsdl.py + touch --ref=src/saml2/schema/wsdl.py.ts src/saml2/schema/wsdl.py + rm src/saml2/schema/wsdl.py.ts + RPM_EC=0 ++ jobs -p + exit 0 Executing(%generate_buildrequires): /bin/sh -e /var/tmp/rpm-tmp.OYvPFd + umask 022 + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + cd pysaml2-7.4.2 + echo pyproject-rpm-macros + echo python3-devel + echo 'python3dist(packaging)' + echo 'python3dist(pip) >= 19' + '[' -f pyproject.toml ']' + echo '(python3dist(tomli) if python3-devel < 3.11)' + rm -rfv '*.dist-info/' + '[' -f /usr/bin/python3 ']' + mkdir -p /builddir/build/BUILD/python-pysaml2-7.4.2-build/.pyproject-builddir + echo -n + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + VALAFLAGS=-g + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes --cap-lints=warn' + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 ' + LT_SYS_LIBRARY_PATH=/usr/lib64: + CC=gcc + CXX=g++ + TMPDIR=/builddir/build/BUILD/python-pysaml2-7.4.2-build/.pyproject-builddir + RPM_TOXENV=py313 + HOSTNAME=rpmbuild + /usr/bin/python3 -Bs /usr/lib/rpm/redhat/pyproject_buildrequires.py --generate-extras --python3_pkgversion 3 --wheeldir /builddir/build/BUILD/python-pysaml2-7.4.2-build/pyproject-wheeldir --output /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-buildrequires -t Handling poetry_core>=1.0.0 from build-system.requires Requirement not satisfied: poetry_core>=1.0.0 Exiting dependency generation pass: build backend + cat /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-buildrequires + rm -rfv '*.dist-info/' + RPM_EC=0 ++ jobs -p + exit 0 Wrote: /builddir/build/SRPMS/python-pysaml2-7.4.2-6.fc42.buildreqs.nosrc.rpm INFO: Going to install missing dynamic buildrequires Updating and loading repositories: Additional repo http_kojipkgs_fedorapr 100% | 69.6 KiB/s | 3.8 KiB | 00m00s fedora 100% | 767.7 KiB/s | 27.6 KiB | 00m00s Copr repository 100% | 30.0 KiB/s | 1.5 KiB | 00m00s Repositories loaded. Package "git-core-2.47.0-1.fc42.x86_64" is already installed. Package "pyproject-rpm-macros-1.16.2-1.fc42.noarch" is already installed. Package "python3-devel-3.13.0-1.fc42.x86_64" is already installed. Package "python3-pymongo-4.2.0-8.fc41.x86_64" is already installed. Package "python3-pytest-8.3.3-3.fc42.noarch" is already installed. Package "python3-responses-0.25.3-2.fc41.noarch" is already installed. Package "python3-sphinx-1:8.1.3-1.fc42.noarch" is already installed. Package "python3-packaging-24.2-2.fc42.noarch" is already installed. Package "xmlsec1-1:1.2.39-4.fc41.x86_64" is already installed. Package "xmlsec1-openssl-1:1.2.39-4.fc41.x86_64" is already installed. Package Arch Version Repository Size Installing: python3-pip noarch 24.3.1-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 11.3 MiB python3-poetry-core noarch 1.9.1-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.0 MiB Installing dependencies: python3-fastjsonschema noarch 2.20.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 190.8 KiB python3-lark noarch 1.2.2-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.3 MiB Transaction Summary: Installing: 4 packages Total size of inbound packages is 3 MiB. Need to download 3 MiB. After this operation, 14 MiB extra will be used (install 14 MiB, remove 0 B). [1/4] python3-fastjsonschema-0:2.20.0-1 100% | 790.2 KiB/s | 58.5 KiB | 00m00s [2/4] python3-poetry-core-0:1.9.1-1.fc4 100% | 2.7 MiB/s | 260.0 KiB | 00m00s [3/4] python3-lark-0:1.2.2-1.fc42.noarc 100% | 8.0 MiB/s | 369.0 KiB | 00m00s [4/4] python3-pip-0:24.3.1-1.fc42.noarc 100% | 19.5 MiB/s | 2.5 MiB | 00m00s -------------------------------------------------------------------------------- [4/4] Total 100% | 24.1 MiB/s | 3.2 MiB | 00m00s Running transaction [1/6] Verify package files 100% | 363.0 B/s | 4.0 B | 00m00s [2/6] Prepare transaction 100% | 133.0 B/s | 4.0 B | 00m00s [3/6] Installing python3-lark-0:1.2.2-1 100% | 109.8 MiB/s | 1.3 MiB | 00m00s [4/6] Installing python3-fastjsonschema 100% | 64.7 MiB/s | 198.8 KiB | 00m00s [5/6] Installing python3-poetry-core-0: 100% | 52.6 MiB/s | 1.1 MiB | 00m00s [6/6] Installing python3-pip-0:24.3.1-1 100% | 86.7 MiB/s | 11.6 MiB | 00m00s Warning: skipped PGP checks for 4 packages from repository: http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch Complete! Building target platforms: x86_64 Building for target x86_64 setting SOURCE_DATE_EPOCH=1721347200 Executing(%generate_buildrequires): /bin/sh -e /var/tmp/rpm-tmp.G4yQKw + umask 022 + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + cd pysaml2-7.4.2 + echo pyproject-rpm-macros + echo python3-devel + echo 'python3dist(packaging)' + echo 'python3dist(pip) >= 19' + '[' -f pyproject.toml ']' + echo '(python3dist(tomli) if python3-devel < 3.11)' + rm -rfv '*.dist-info/' + '[' -f /usr/bin/python3 ']' + mkdir -p /builddir/build/BUILD/python-pysaml2-7.4.2-build/.pyproject-builddir + echo -n + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + VALAFLAGS=-g + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes --cap-lints=warn' + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 ' + LT_SYS_LIBRARY_PATH=/usr/lib64: + CC=gcc + CXX=g++ + TMPDIR=/builddir/build/BUILD/python-pysaml2-7.4.2-build/.pyproject-builddir + RPM_TOXENV=py313 + HOSTNAME=rpmbuild + /usr/bin/python3 -Bs /usr/lib/rpm/redhat/pyproject_buildrequires.py --generate-extras --python3_pkgversion 3 --wheeldir /builddir/build/BUILD/python-pysaml2-7.4.2-build/pyproject-wheeldir --output /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-buildrequires -t Handling poetry_core>=1.0.0 from build-system.requires Requirement satisfied: poetry_core>=1.0.0 (installed: poetry_core 1.9.1) Handling tox-current-env >= 0.0.6 from tox itself Requirement not satisfied: tox-current-env >= 0.0.6 Exiting dependency generation pass: tox itself + cat /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-buildrequires + rm -rfv '*.dist-info/' + RPM_EC=0 ++ jobs -p + exit 0 Wrote: /builddir/build/SRPMS/python-pysaml2-7.4.2-6.fc42.buildreqs.nosrc.rpm INFO: Going to install missing dynamic buildrequires Updating and loading repositories: fedora 100% | 1.0 MiB/s | 27.6 KiB | 00m00s Copr repository 100% | 34.0 KiB/s | 1.5 KiB | 00m00s Additional repo http_kojipkgs_fedorapr 100% | 75.1 KiB/s | 3.8 KiB | 00m00s Repositories loaded. Package "git-core-2.47.0-1.fc42.x86_64" is already installed. Package "pyproject-rpm-macros-1.16.2-1.fc42.noarch" is already installed. Package "python3-devel-3.13.0-1.fc42.x86_64" is already installed. Package "python3-pymongo-4.2.0-8.fc41.x86_64" is already installed. Package "python3-pytest-8.3.3-3.fc42.noarch" is already installed. Package "python3-responses-0.25.3-2.fc41.noarch" is already installed. Package "python3-sphinx-1:8.1.3-1.fc42.noarch" is already installed. Package "python3-packaging-24.2-2.fc42.noarch" is already installed. Package "python3-pip-24.3.1-1.fc42.noarch" is already installed. Package "python3-poetry-core-1.9.1-1.fc42.noarch" is already installed. Package "xmlsec1-1:1.2.39-4.fc41.x86_64" is already installed. Package "xmlsec1-openssl-1:1.2.39-4.fc41.x86_64" is already installed. Package Arch Version Repository Size Installing: python3-tox-current-env noarch 0.0.14-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 75.6 KiB Installing dependencies: python-setuptools-wheel noarch 74.1.3-4.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.2 MiB python-wheel-wheel noarch 1:0.44.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 66.4 KiB python3-cachetools noarch 5.4.0-6.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 138.7 KiB python3-chardet noarch 5.2.0-14.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.1 MiB python3-colorama noarch 0.4.6-9.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 191.6 KiB python3-distlib noarch 0.3.9-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.2 MiB python3-filelock noarch 3.15.4-3.fc42 copr_base 89.6 KiB python3-platformdirs noarch 4.2.2-2.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 168.6 KiB python3-pyproject-api noarch 1.8.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 79.0 KiB python3-virtualenv noarch 20.26.6-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 644.9 KiB tox noarch 4.23.2-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 1.2 MiB Transaction Summary: Installing: 12 packages Total size of inbound packages is 3 MiB. Need to download 3 MiB. After this operation, 7 MiB extra will be used (install 7 MiB, remove 0 B). [ 1/12] python3-tox-current-env-0:0.0.1 100% | 523.5 KiB/s | 30.9 KiB | 00m00s [ 2/12] python3-cachetools-0:5.4.0-6.fc 100% | 507.7 KiB/s | 37.1 KiB | 00m00s [ 3/12] python3-chardet-0:5.2.0-14.fc41 100% | 8.1 MiB/s | 273.4 KiB | 00m00s [ 4/12] tox-0:4.23.2-1.fc42.noarch 100% | 3.8 MiB/s | 371.3 KiB | 00m00s [ 5/12] python3-colorama-0:0.4.6-9.fc41 100% | 2.5 MiB/s | 63.4 KiB | 00m00s [ 6/12] python3-platformdirs-0:4.2.2-2. 100% | 2.2 MiB/s | 41.0 KiB | 00m00s [ 7/12] python3-pyproject-api-0:1.8.0-1 100% | 2.0 MiB/s | 37.2 KiB | 00m00s [ 8/12] python3-filelock-0:3.15.4-3.fc4 100% | 1.1 MiB/s | 38.1 KiB | 00m00s [ 9/12] python3-virtualenv-0:20.26.6-1. 100% | 12.5 MiB/s | 243.2 KiB | 00m00s [10/12] python-setuptools-wheel-0:74.1. 100% | 32.9 MiB/s | 1.1 MiB | 00m00s [11/12] python-wheel-wheel-1:0.44.0-1.f 100% | 3.3 MiB/s | 71.9 KiB | 00m00s [12/12] python3-distlib-0:0.3.9-1.fc42. 100% | 9.7 MiB/s | 259.0 KiB | 00m00s -------------------------------------------------------------------------------- [12/12] Total 100% | 15.6 MiB/s | 2.5 MiB | 00m00s Running transaction [ 1/14] Verify package files 100% | 1.3 KiB/s | 12.0 B | 00m00s [ 2/14] Prepare transaction 100% | 600.0 B/s | 12.0 B | 00m00s [ 3/14] Installing python3-platformdirs 100% | 57.0 MiB/s | 175.0 KiB | 00m00s [ 4/14] Installing python3-filelock-0:3 100% | 31.4 MiB/s | 96.4 KiB | 00m00s [ 5/14] Installing python3-distlib-0:0. 100% | 234.4 MiB/s | 1.2 MiB | 00m00s [ 6/14] Installing python-wheel-wheel-1 100% | 0.0 B/s | 67.1 KiB | 00m00s [ 7/14] Installing python-setuptools-wh 100% | 384.3 MiB/s | 1.2 MiB | 00m00s [ 8/14] Installing python3-virtualenv-0 100% | 30.3 MiB/s | 713.6 KiB | 00m00s [ 9/14] Installing python3-pyproject-ap 100% | 41.6 MiB/s | 85.2 KiB | 00m00s [10/14] Installing python3-colorama-0:0 100% | 65.6 MiB/s | 201.5 KiB | 00m00s [11/14] Installing python3-chardet-0:5. 100% | 174.7 MiB/s | 2.1 MiB | 00m00s [12/14] Installing python3-cachetools-0 100% | 69.5 MiB/s | 142.3 KiB | 00m00s [13/14] Installing tox-0:4.23.2-1.fc42. 100% | 60.9 MiB/s | 1.3 MiB | 00m00s [14/14] Installing python3-tox-current- 100% | 3.7 MiB/s | 79.9 KiB | 00m00s Warning: skipped PGP checks for 12 packages from repositories: copr_base, http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch Complete! Building target platforms: x86_64 Building for target x86_64 setting SOURCE_DATE_EPOCH=1721347200 Executing(%generate_buildrequires): /bin/sh -e /var/tmp/rpm-tmp.mMpmsB + umask 022 + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + cd pysaml2-7.4.2 + echo pyproject-rpm-macros + echo python3-devel + echo 'python3dist(packaging)' + echo 'python3dist(pip) >= 19' + '[' -f pyproject.toml ']' + echo '(python3dist(tomli) if python3-devel < 3.11)' + rm -rfv '*.dist-info/' + '[' -f /usr/bin/python3 ']' + mkdir -p /builddir/build/BUILD/python-pysaml2-7.4.2-build/.pyproject-builddir + echo -n + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + VALAFLAGS=-g + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes --cap-lints=warn' + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 ' + LT_SYS_LIBRARY_PATH=/usr/lib64: + CC=gcc + CXX=g++ + TMPDIR=/builddir/build/BUILD/python-pysaml2-7.4.2-build/.pyproject-builddir + RPM_TOXENV=py313 + HOSTNAME=rpmbuild + /usr/bin/python3 -Bs /usr/lib/rpm/redhat/pyproject_buildrequires.py --generate-extras --python3_pkgversion 3 --wheeldir /builddir/build/BUILD/python-pysaml2-7.4.2-build/pyproject-wheeldir --output /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-buildrequires -t Handling poetry_core>=1.0.0 from build-system.requires Requirement satisfied: poetry_core>=1.0.0 (installed: poetry_core 1.9.1) Handling tox-current-env >= 0.0.6 from tox itself Requirement satisfied: tox-current-env >= 0.0.6 (installed: tox-current-env 0.0.14) py313: OK (0.00 seconds) congratulations :) (0.08 seconds) Handling tox from tox --print-deps-only: py313 Requirement satisfied: tox (installed: tox 4.23.2) py313: OK (0.00 seconds) congratulations :) (0.06 seconds) Handling cryptography (>=3.1) from hook generated metadata: Requires-Dist (pysaml2) Requirement not satisfied: cryptography (>=3.1) Handling defusedxml from hook generated metadata: Requires-Dist (pysaml2) Requirement not satisfied: defusedxml Handling importlib-metadata (>=1.7.0) ; python_version < "3.8" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: importlib-metadata (>=1.7.0) ; python_version < "3.8" Handling importlib-resources ; python_version < "3.9" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: importlib-resources ; python_version < "3.9" Handling paste ; extra == "s2repoze" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: paste ; extra == "s2repoze" Handling pyopenssl from hook generated metadata: Requires-Dist (pysaml2) Requirement not satisfied: pyopenssl Handling python-dateutil from hook generated metadata: Requires-Dist (pysaml2) Requirement not satisfied: python-dateutil Handling pytz from hook generated metadata: Requires-Dist (pysaml2) Requirement not satisfied: pytz Handling repoze.who ; extra == "s2repoze" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: repoze.who ; extra == "s2repoze" Handling requests (>=2,<3) from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: requests (>=2,<3) (installed: requests 2.32.3) Handling xmlschema (>=1.2.1) from hook generated metadata: Requires-Dist (pysaml2) Requirement not satisfied: xmlschema (>=1.2.1) Handling zope.interface ; extra == "s2repoze" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: zope.interface ; extra == "s2repoze" + cat /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-buildrequires + rm -rfv pysaml2-7.4.2.dist-info/ removed 'pysaml2-7.4.2.dist-info/entry_points.txt' removed 'pysaml2-7.4.2.dist-info/WHEEL' removed 'pysaml2-7.4.2.dist-info/METADATA' removed 'pysaml2-7.4.2.dist-info/LICENSE' removed directory 'pysaml2-7.4.2.dist-info/' + RPM_EC=0 ++ jobs -p + exit 0 Wrote: /builddir/build/SRPMS/python-pysaml2-7.4.2-6.fc42.buildreqs.nosrc.rpm INFO: Going to install missing dynamic buildrequires Updating and loading repositories: fedora 100% | 1.0 MiB/s | 27.6 KiB | 00m00s Copr repository 100% | 30.0 KiB/s | 1.5 KiB | 00m00s Additional repo http_kojipkgs_fedorapr 100% | 73.6 KiB/s | 3.8 KiB | 00m00s Repositories loaded. Package "git-core-2.47.0-1.fc42.x86_64" is already installed. Package "pyproject-rpm-macros-1.16.2-1.fc42.noarch" is already installed.Package Arch Version Repository Size Installing: python3-cryptography x86_64 43.0.0-3.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 4.7 MiB python3-dateutil noarch 1:2.8.2-16.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 879.2 KiB python3-defusedxml noarch 0.7.1-17.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 196.4 KiB python3-pyOpenSSL noarch 24.2.1-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 747.1 KiB python3-pytz noarch 2024.2-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 223.7 KiB python3-xmlschema noarch 3.4.2-2.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 3.8 MiB Installing dependencies: python3-cffi x86_64 1.17.1-1.fc42 copr_base 1.3 MiB python3-elementpath noarch 4.5.0-1.fc42 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 2.9 MiB python3-ply noarch 3.11-25.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 568.2 KiB python3-pycparser noarch 2.20-18.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 821.0 KiB python3-six noarch 1.16.0-23.fc41 http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch 118.3 KiB Transaction Summary: Installing: 11 packages Package "python3-devel-3.13.0-1.fc42.x86_64" is already installed. Package "python3-pymongo-4.2.0-8.fc41.x86_64" is already installed. Package "python3-pytest-8.3.3-3.fc42.noarch" is already installed. Package "python3-responses-0.25.3-2.fc41.noarch" is already installed. Package "python3-sphinx-1:8.1.3-1.fc42.noarch" is already installed. Package "python3-packaging-24.2-2.fc42.noarch" is already installed. Package "python3-pip-24.3.1-1.fc42.noarch" is already installed. Package "python3-poetry-core-1.9.1-1.fc42.noarch" is already installed. Package "tox-4.23.2-1.fc42.noarch" is already installed. Package "python3-tox-current-env-0.0.14-1.fc42.noarch" is already installed. Package "xmlsec1-1:1.2.39-4.fc41.x86_64" is already installed. Package "xmlsec1-openssl-1:1.2.39-4.fc41.x86_64" is already installed. Total size of inbound packages is 4 MiB. Need to download 4 MiB. After this operation, 16 MiB extra will be used (install 16 MiB, remove 0 B). [ 1/11] python3-defusedxml-0:0.7.1-17.f 100% | 743.7 KiB/s | 51.3 KiB | 00m00s [ 2/11] python3-pyOpenSSL-0:24.2.1-1.fc 100% | 1.4 MiB/s | 125.0 KiB | 00m00s [ 3/11] python3-pytz-0:2024.2-1.fc42.no 100% | 3.1 MiB/s | 59.8 KiB | 00m00s [ 4/11] python3-dateutil-1:2.8.2-16.fc4 100% | 8.1 MiB/s | 349.0 KiB | 00m00s [ 5/11] python3-cryptography-0:43.0.0-3 100% | 10.9 MiB/s | 1.3 MiB | 00m00s [ 6/11] python3-six-0:1.16.0-23.fc41.no 100% | 2.4 MiB/s | 41.2 KiB | 00m00s [ 7/11] python3-elementpath-0:4.5.0-1.f 100% | 10.2 MiB/s | 551.8 KiB | 00m00s [ 8/11] python3-xmlschema-0:3.4.2-2.fc4 100% | 10.3 MiB/s | 643.8 KiB | 00m00s [ 9/11] python3-pycparser-0:2.20-18.fc4 100% | 8.1 MiB/s | 149.9 KiB | 00m00s [10/11] python3-ply-0:3.11-25.fc41.noar 100% | 7.6 MiB/s | 131.6 KiB | 00m00s [11/11] python3-cffi-0:1.17.1-1.fc42.x8 100% | 4.7 MiB/s | 297.6 KiB | 00m00s -------------------------------------------------------------------------------- [11/11] Total 100% | 18.0 MiB/s | 3.6 MiB | 00m00s Running transaction [ 1/13] Verify package files 100% | 785.0 B/s | 11.0 B | 00m00s [ 2/13] Prepare transaction 100% | 244.0 B/s | 11.0 B | 00m00s [ 3/13] Installing python3-ply-0:3.11-2 100% | 112.0 MiB/s | 573.4 KiB | 00m00s [ 4/13] Installing python3-pycparser-0: 100% | 116.1 MiB/s | 832.5 KiB | 00m00s [ 5/13] Installing python3-cffi-0:1.17. 100% | 133.1 MiB/s | 1.3 MiB | 00m00s [ 6/13] Installing python3-cryptography 100% | 111.0 MiB/s | 4.8 MiB | 00m00s [ 7/13] Installing python3-six-0:1.16.0 100% | 39.3 MiB/s | 120.7 KiB | 00m00s [ 8/13] Installing python3-elementpath- 100% | 140.0 MiB/s | 2.9 MiB | 00m00s [ 9/13] Installing python3-xmlschema-0: 100% | 138.6 MiB/s | 3.9 MiB | 00m00s [10/13] Installing python3-dateutil-1:2 100% | 109.0 MiB/s | 892.9 KiB | 00m00s [11/13] Installing python3-pyOpenSSL-0: 100% | 147.1 MiB/s | 753.1 KiB | 00m00s [12/13] Installing python3-pytz-0:2024. 100% | 74.5 MiB/s | 229.0 KiB | 00m00s [13/13] Installing python3-defusedxml-0 100% | 6.9 MiB/s | 204.6 KiB | 00m00s Warning: skipped PGP checks for 11 packages from repositories: copr_base, http_kojipkgs_fedoraproject_org_repos_rawhide_latest_basearch Complete! Building target platforms: x86_64 Building for target x86_64 setting SOURCE_DATE_EPOCH=1721347200 Executing(%generate_buildrequires): /bin/sh -e /var/tmp/rpm-tmp.KzCrfs + umask 022 + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + cd pysaml2-7.4.2 + echo pyproject-rpm-macros + echo python3-devel + echo 'python3dist(packaging)' + echo 'python3dist(pip) >= 19' + '[' -f pyproject.toml ']' + echo '(python3dist(tomli) if python3-devel < 3.11)' + rm -rfv '*.dist-info/' + '[' -f /usr/bin/python3 ']' + mkdir -p /builddir/build/BUILD/python-pysaml2-7.4.2-build/.pyproject-builddir + echo -n + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + VALAFLAGS=-g + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes --cap-lints=warn' + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 ' + LT_SYS_LIBRARY_PATH=/usr/lib64: + CC=gcc + CXX=g++ + TMPDIR=/builddir/build/BUILD/python-pysaml2-7.4.2-build/.pyproject-builddir + RPM_TOXENV=py313 + HOSTNAME=rpmbuild + /usr/bin/python3 -Bs /usr/lib/rpm/redhat/pyproject_buildrequires.py --generate-extras --python3_pkgversion 3 --wheeldir /builddir/build/BUILD/python-pysaml2-7.4.2-build/pyproject-wheeldir --output /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-buildrequires -t Handling poetry_core>=1.0.0 from build-system.requires Requirement satisfied: poetry_core>=1.0.0 (installed: poetry_core 1.9.1) Handling tox-current-env >= 0.0.6 from tox itself Requirement satisfied: tox-current-env >= 0.0.6 (installed: tox-current-env 0.0.14) py313: OK (0.00 seconds) congratulations :) (0.06 seconds) Handling tox from tox --print-deps-only: py313 Requirement satisfied: tox (installed: tox 4.23.2) py313: OK (0.00 seconds) congratulations :) (0.06 seconds) Handling cryptography (>=3.1) from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: cryptography (>=3.1) (installed: cryptography 43.0.0) Handling defusedxml from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: defusedxml (installed: defusedxml 0.7.1) Handling importlib-metadata (>=1.7.0) ; python_version < "3.8" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: importlib-metadata (>=1.7.0) ; python_version < "3.8" Handling importlib-resources ; python_version < "3.9" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: importlib-resources ; python_version < "3.9" Handling paste ; extra == "s2repoze" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: paste ; extra == "s2repoze" Handling pyopenssl from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: pyopenssl (installed: pyopenssl 24.2.1) Handling python-dateutil from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: python-dateutil (installed: python-dateutil 2.8.2) Handling pytz from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: pytz (installed: pytz 2024.2) Handling repoze.who ; extra == "s2repoze" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: repoze.who ; extra == "s2repoze" Handling requests (>=2,<3) from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: requests (>=2,<3) (installed: requests 2.32.3) Handling xmlschema (>=1.2.1) from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: xmlschema (>=1.2.1) (installed: xmlschema 3.4.2) Handling zope.interface ; extra == "s2repoze" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: zope.interface ; extra == "s2repoze" + cat /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-buildrequires + rm -rfv pysaml2-7.4.2.dist-info/ removed 'pysaml2-7.4.2.dist-info/entry_points.txt' removed 'pysaml2-7.4.2.dist-info/WHEEL' removed 'pysaml2-7.4.2.dist-info/METADATA' removed 'pysaml2-7.4.2.dist-info/LICENSE' removed directory 'pysaml2-7.4.2.dist-info/' + RPM_EC=0 ++ jobs -p + exit 0 Wrote: /builddir/build/SRPMS/python-pysaml2-7.4.2-6.fc42.buildreqs.nosrc.rpm INFO: Going to install missing dynamic buildrequires Updating and loading repositories: Copr repository 100% | 49.4 KiB/s | 1.5 KiB | 00m00s Additional repo http_kojipkgs_fedorapr 100% | 75.1 KiB/s | 3.8 KiB | 00m00s fedora 100% | 1.1 MiB/s | 27.6 KiB | 00m00s Repositories loaded. Package "git-core-2.47.0-1.fc42.x86_64" is already installed. Package "pyproject-rpm-macros-1.16.2-1.fc42.noarch" is already installed. Package "python3-devel-3.13.0-1.fc42.x86_64" is already installed. Package "python3-pymongo-4.2.0-8.fc41.x86_64" is already installed. Package "python3-pytest-8.3.3-3.fc42.noarch" is already installed. Package "python3-responses-0.25.3-2.fc41.noarch" is already installed. Package "python3-sphinx-1:8.1.3-1.fc42.noarch" is already installed. Package "python3-cryptography-43.0.0-3.fc42.x86_64" is already installed. Package "python3-defusedxml-0.7.1-17.fc42.noarch" is already installed. Package "python3-packaging-24.2-2.fc42.noarch" is already installed. Package "python3-pip-24.3.1-1.fc42.noarch" is already installed. Package "python3-poetry-core-1.9.1-1.fc42.noarch" is already installed. Package "python3-pyOpenSSL-24.2.1-1.fc42.noarch" is already installed. Package "python3-dateutil-1:2.8.2-16.fc41.noarch" is already installed. Package "python3-pytz-2024.2-1.fc42.noarch" is already installed. Package "tox-4.23.2-1.fc42.noarch" is already installed. Package "python3-tox-current-env-0.0.14-1.fc42.noarch" is already installed. Package "python3-xmlschema-3.4.2-2.fc42.noarch" is already installed. Package "xmlsec1-1:1.2.39-4.fc41.x86_64" is already installed. Package "xmlsec1-openssl-1:1.2.39-4.fc41.x86_64" is already installed. Nothing to do. Building target platforms: x86_64 Building for target x86_64 setting SOURCE_DATE_EPOCH=1721347200 Executing(%generate_buildrequires): /bin/sh -e /var/tmp/rpm-tmp.FYUwBl + umask 022 + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + cd pysaml2-7.4.2 + echo pyproject-rpm-macros + echo python3-devel + echo 'python3dist(packaging)' + echo 'python3dist(pip) >= 19' + '[' -f pyproject.toml ']' + echo '(python3dist(tomli) if python3-devel < 3.11)' + rm -rfv '*.dist-info/' + '[' -f /usr/bin/python3 ']' + mkdir -p /builddir/build/BUILD/python-pysaml2-7.4.2-build/.pyproject-builddir + echo -n + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + VALAFLAGS=-g + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes --cap-lints=warn' + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 ' + LT_SYS_LIBRARY_PATH=/usr/lib64: + CC=gcc + CXX=g++ + TMPDIR=/builddir/build/BUILD/python-pysaml2-7.4.2-build/.pyproject-builddir + RPM_TOXENV=py313 + HOSTNAME=rpmbuild + /usr/bin/python3 -Bs /usr/lib/rpm/redhat/pyproject_buildrequires.py --generate-extras --python3_pkgversion 3 --wheeldir /builddir/build/BUILD/python-pysaml2-7.4.2-build/pyproject-wheeldir --output /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-buildrequires -t Handling poetry_core>=1.0.0 from build-system.requires Requirement satisfied: poetry_core>=1.0.0 (installed: poetry_core 1.9.1) Handling tox-current-env >= 0.0.6 from tox itself Requirement satisfied: tox-current-env >= 0.0.6 (installed: tox-current-env 0.0.14) py313: OK (0.00 seconds) congratulations :) (0.07 seconds) Handling tox from tox --print-deps-only: py313 Requirement satisfied: tox (installed: tox 4.23.2) py313: OK (0.00 seconds) congratulations :) (0.06 seconds) Handling cryptography (>=3.1) from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: cryptography (>=3.1) (installed: cryptography 43.0.0) Handling defusedxml from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: defusedxml (installed: defusedxml 0.7.1) Handling importlib-metadata (>=1.7.0) ; python_version < "3.8" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: importlib-metadata (>=1.7.0) ; python_version < "3.8" Handling importlib-resources ; python_version < "3.9" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: importlib-resources ; python_version < "3.9" Handling paste ; extra == "s2repoze" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: paste ; extra == "s2repoze" Handling pyopenssl from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: pyopenssl (installed: pyopenssl 24.2.1) Handling python-dateutil from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: python-dateutil (installed: python-dateutil 2.8.2) Handling pytz from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: pytz (installed: pytz 2024.2) Handling repoze.who ; extra == "s2repoze" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: repoze.who ; extra == "s2repoze" Handling requests (>=2,<3) from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: requests (>=2,<3) (installed: requests 2.32.3) Handling xmlschema (>=1.2.1) from hook generated metadata: Requires-Dist (pysaml2) Requirement satisfied: xmlschema (>=1.2.1) (installed: xmlschema 3.4.2) Handling zope.interface ; extra == "s2repoze" from hook generated metadata: Requires-Dist (pysaml2) Ignoring alien requirement: zope.interface ; extra == "s2repoze" + cat /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-buildrequires + rm -rfv pysaml2-7.4.2.dist-info/ removed 'pysaml2-7.4.2.dist-info/entry_points.txt' removed 'pysaml2-7.4.2.dist-info/WHEEL' removed 'pysaml2-7.4.2.dist-info/METADATA' removed 'pysaml2-7.4.2.dist-info/LICENSE' removed directory 'pysaml2-7.4.2.dist-info/' + RPM_EC=0 ++ jobs -p + exit 0 Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.BblOtt + umask 022 + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CFLAGS + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CXXFLAGS + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FFLAGS + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FCFLAGS + VALAFLAGS=-g + export VALAFLAGS + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + export RUSTFLAGS + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + export LDFLAGS + LT_SYS_LIBRARY_PATH=/usr/lib64: + export LT_SYS_LIBRARY_PATH + CC=gcc + export CC + CXX=g++ + export CXX + cd pysaml2-7.4.2 + mkdir -p /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/.pyproject-builddir + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + VALAFLAGS=-g + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + LT_SYS_LIBRARY_PATH=/usr/lib64: + CC=gcc + CXX=g++ + TMPDIR=/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/.pyproject-builddir + /usr/bin/python3 -Bs /usr/lib/rpm/redhat/pyproject_wheel.py /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/pyproject-wheeldir Processing /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2 Preparing metadata (pyproject.toml): started Running command Preparing metadata (pyproject.toml) Preparing metadata (pyproject.toml): finished with status 'done' Building wheels for collected packages: pysaml2 Building wheel for pysaml2 (pyproject.toml): started Running command Building wheel for pysaml2 (pyproject.toml) Building wheel for pysaml2 (pyproject.toml): finished with status 'done' Created wheel for pysaml2: filename=pysaml2-7.4.2-py3-none-any.whl size=417769 sha256=26f0581a6616b6456df7be189b726e77db878073943cd5d0447219e295a6ea62 Stored in directory: /builddir/.cache/pip/wheels/01/b9/eb/75f72f6a4448fdc07c5ffc8f00ad2896051c69eedccbfbb041 Successfully built pysaml2 + RPM_EC=0 ++ jobs -p + exit 0 Executing(%install): /bin/sh -e /var/tmp/rpm-tmp.Vap50h + umask 022 + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + '[' /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT '!=' / ']' + rm -rf /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT ++ dirname /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT + mkdir -p /builddir/build/BUILD/python-pysaml2-7.4.2-build + mkdir /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CFLAGS + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CXXFLAGS + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FFLAGS + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FCFLAGS + VALAFLAGS=-g + export VALAFLAGS + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + export RUSTFLAGS + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + export LDFLAGS + LT_SYS_LIBRARY_PATH=/usr/lib64: + export LT_SYS_LIBRARY_PATH + CC=gcc + export CC + CXX=g++ + export CXX + cd pysaml2-7.4.2 ++ xargs basename --multiple ++ ls /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/pyproject-wheeldir/pysaml2-7.4.2-py3-none-any.whl ++ sed -E 's/([^-]+)-([^-]+)-.+\.whl/\1==\2/' + specifier=pysaml2==7.4.2 + '[' -z pysaml2==7.4.2 ']' + TMPDIR=/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/.pyproject-builddir + /usr/bin/python3 -m pip install --root /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT --prefix /usr --no-deps --disable-pip-version-check --progress-bar off --verbose --ignore-installed --no-warn-script-location --no-index --no-cache-dir --find-links /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/pyproject-wheeldir pysaml2==7.4.2 Using pip 24.3.1 from /usr/lib/python3.13/site-packages/pip (python 3.13) Looking in links: /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/pyproject-wheeldir Processing ./pyproject-wheeldir/pysaml2-7.4.2-py3-none-any.whl Installing collected packages: pysaml2 Creating /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin changing mode of /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/make_metadata to 755 changing mode of /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/mdexport to 755 changing mode of /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/merge_metadata to 755 changing mode of /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/parse_xsd2 to 755 Successfully installed pysaml2-7.4.2 + '[' -d /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin ']' + '[' -z sP ']' + shebang_flags=-kasP + /usr/bin/python3 -B /usr/lib/rpm/redhat/pathfix.py -pni /usr/bin/python3 -kasP /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/make_metadata /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/mdexport /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/merge_metadata /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/parse_xsd2 /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/make_metadata: updating /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/mdexport: updating /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/merge_metadata: updating /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/parse_xsd2: updating + rm -rfv /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin/__pycache__ + rm -f /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-ghost-distinfo + site_dirs=() + '[' -d /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages ']' + site_dirs+=("/usr/lib/python3.13/site-packages") + '[' /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib64/python3.13/site-packages '!=' /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages ']' + '[' -d /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib64/python3.13/site-packages ']' + for site_dir in ${site_dirs[@]} + for distinfo in /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT$site_dir/*.dist-info + echo '%ghost /usr/lib/python3.13/site-packages/pysaml2-7.4.2.dist-info' + sed -i s/pip/rpm/ /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/pysaml2-7.4.2.dist-info/INSTALLER + PYTHONPATH=/usr/lib/rpm/redhat + /usr/bin/python3 -B /usr/lib/rpm/redhat/pyproject_preprocess_record.py --buildroot /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT --record /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/pysaml2-7.4.2.dist-info/RECORD --output /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-record + rm -fv /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/pysaml2-7.4.2.dist-info/RECORD removed '/builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/pysaml2-7.4.2.dist-info/RECORD' + rm -fv /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/pysaml2-7.4.2.dist-info/REQUESTED removed '/builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/pysaml2-7.4.2.dist-info/REQUESTED' ++ wc -l /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-ghost-distinfo ++ cut -f1 '-d ' + lines=1 + '[' 1 -ne 1 ']' + RPM_FILES_ESCAPE=4.19 + /usr/bin/python3 /usr/lib/rpm/redhat/pyproject_save_files.py --output-files /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-files --output-modules /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-modules --buildroot /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT --sitelib /usr/lib/python3.13/site-packages --sitearch /usr/lib64/python3.13/site-packages --python-version 3.13 --pyproject-record /builddir/build/BUILD/python-pysaml2-7.4.2-build/python-pysaml2-7.4.2-6.fc42.x86_64-pyproject-record --prefix /usr saml2 saml2test + for bin in parse_xsd2 make_metadata mdexport merge_metadata + ln -s parse_xsd2 /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT//usr/bin/parse_xsd2.py + for bin in parse_xsd2 make_metadata mdexport merge_metadata + ln -s make_metadata /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT//usr/bin/make_metadata.py + for bin in parse_xsd2 make_metadata mdexport merge_metadata + ln -s mdexport /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT//usr/bin/mdexport.py + for bin in parse_xsd2 make_metadata mdexport merge_metadata + ln -s merge_metadata /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT//usr/bin/merge_metadata.py + sed -i /alabaster/d docs/conf.py + export PYTHONPATH=/builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT//usr/lib/python3.13/site-packages + PYTHONPATH=/builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT//usr/lib/python3.13/site-packages + sphinx-build-3 docs html Running Sphinx v8.1.3 loading translations [en]... done making output directory... done Converting `source_suffix = '.rst'` to `source_suffix = {'.rst': 'restructuredtext'}`. building [mo]: targets for 0 po files that are out of date writing output... building [html]: targets for 8 source files that are out of date updating environment: [new config] 8 added, 0 changed, 0 removed reading sources... [ 12%] examples/idp reading sources... [ 25%] examples/index reading sources... [ 38%] examples/sp reading sources... [ 50%] howto/config reading sources... [ 62%] howto/index reading sources... [ 75%] index reading sources... [ 88%] install reading sources... [100%] sp_test/internal looking for now-outdated files... none found pickling environment... done checking consistency... done preparing documents... done copying assets... copying static files... Writing evaluated template result to /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/html/_static/basic.css Writing evaluated template result to /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/html/_static/documentation_options.js Writing evaluated template result to /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/html/_static/language_data.js Writing evaluated template result to /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/html/_static/alabaster.css copying static files: done copying extra files... copying extra files: done copying assets: done writing output... [ 12%] examples/idp writing output... [ 25%] examples/index writing output... [ 38%] examples/sp writing output... [ 50%] howto/config writing output... [ 62%] howto/index writing output... [ 75%] index writing output... [ 88%] install writing output... [100%] sp_test/internal generating indices... genindex done writing additional pages... search done dumping search index in English (code: en)... done dumping object inventory... done build succeeded. The HTML pages are in html. + rm -rf html/.doctrees html/.buildinfo + /usr/lib/rpm/check-buildroot + /usr/lib/rpm/redhat/brp-ldconfig + /usr/lib/rpm/brp-compress + /usr/lib/rpm/brp-strip /usr/bin/strip + /usr/lib/rpm/brp-strip-comment-note /usr/bin/strip /usr/bin/objdump + /usr/lib/rpm/redhat/brp-strip-lto /usr/bin/strip + /usr/lib/rpm/brp-strip-static-archive /usr/bin/strip + /usr/lib/rpm/check-rpaths + /usr/lib/rpm/redhat/brp-mangle-shebangs *** WARNING: ./usr/lib/python3.13/site-packages/saml2/authn_context/timesync.py is executable but has no shebang, removing executable bit mangling shebang in /usr/lib/python3.13/site-packages/saml2/tools/update_metadata.sh from /bin/sh to #!/usr/bin/sh + /usr/lib/rpm/brp-remove-la-files + env /usr/lib/rpm/redhat/brp-python-bytecompile '' 1 0 -j2 Bytecompiling .py files below /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13 using python3.13 + /usr/lib/rpm/redhat/brp-python-hardlink + /usr/bin/add-determinism --brp -j2 /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/attributemaps/__pycache__/adfs_v1x.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/attributemaps/__pycache__/adfs_v20.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/attributemaps/__pycache__/basic.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/attributemaps/__pycache__/saml_uri.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/attributemaps/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/attributemaps/__pycache__/shibboleth_uri.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/authn_context/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/authn_context/__pycache__/ippword.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/authn_context/__pycache__/mobiletwofactor.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/authn_context/__pycache__/ppt.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/authn_context/__pycache__/timesync.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/authn_context/__pycache__/pword.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/authn_context/__pycache__/sslcert.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/__pycache__/asymmetric.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/__pycache__/errors.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/__pycache__/pki.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/data/schemas/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/data/templates/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/data/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity_category/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity_category/__pycache__/at_egov_pvp2.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity_category/__pycache__/edugain.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity_category/__pycache__/incommon.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity_category/__pycache__/refeds.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity_category/__pycache__/swamid.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/__pycache__/symmetric.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/algsupport.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/idpdisc.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/mdattr.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/mdrpi.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/dri.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/pefim.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/reqinit.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/requested_attributes.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/shibmd.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/sp_type.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/profile/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/profile/__pycache__/ecp.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/extension/__pycache__/mdui.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/profile/__pycache__/samlec.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/s2repoze/plugins/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/s2repoze/plugins/__pycache__/challenge_decider.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/profile/__pycache__/paos.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/s2repoze/plugins/__pycache__/entitlement.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/s2repoze/plugins/__pycache__/formswithhidden.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/s2repoze/plugins/__pycache__/ini.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/s2repoze/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/schema/__pycache__/soap.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/s2repoze/plugins/__pycache__/sp.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/schema/__pycache__/soapenv.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/schema/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/tools/__pycache__/make_metadata.cpython-313.pyc: replacing with normalized version /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/tools/__pycache__/make_metadata.cpython-313.opt-1.pyc: replacing with normalized version /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/tools/__pycache__/mdexport.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/tools/__pycache__/mdexport_test.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/tools/__pycache__/mdimport.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/tools/__pycache__/merge_metadata.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/tools/__pycache__/verify_metadata.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/schema/__pycache__/wsdl.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/tools/__pycache__/sync_attrmaps.cpython-313.pyc: replacing with normalized version /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/tools/__pycache__/sync_attrmaps.cpython-313.opt-1.pyc: replacing with normalized version /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/userinfo/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/userinfo/__pycache__/ldapinfo.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/ws/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/ws/__pycache__/wsaddr.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/ws/__pycache__/wspol.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/ws/__pycache__/wssec.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/tools/__pycache__/parse_xsd2.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/ws/__pycache__/wsutil.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/xml/schema/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/xml/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/ws/__pycache__/wstrust.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/xmlenc/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/xmldsig/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/algsupport.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/argtree.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/assertion.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/attribute_resolver.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/attribute_converter.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/cache.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/authn.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/cert.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/client.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/client_base.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/config.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/discovery.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/country_codes.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/ecp.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/ecp_client.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/eptid.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/filter.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/httpbase.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/httputil.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/entity.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/ident.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/mcache.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/mdbcache.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/mdie.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/mongo_store.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/pack.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/population.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/md.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/request.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/mdstore.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/metadata.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/s_utils.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/response.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/sdb.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/server.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/saml.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/samlp.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/soap.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/time_util.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/validate.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/version.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/sigver.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/__pycache__/virtual_org.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2test/__pycache__/__init__.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2test/__pycache__/check.cpython-313.pyc: replacing with normalized version /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2test/__pycache__/check.cpython-313.opt-1.pyc: replacing with normalized version /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2test/__pycache__/opfunc.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2test/__pycache__/status.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2test/__pycache__/interaction.cpython-313.pyc: rewriting with normalized contents /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2test/__pycache__/tool.cpython-313.pyc: rewriting with normalized contents Scanned 49 directories and 434 files, processed 127 inodes, 127 modified (6 replaced + 121 rewritten), 0 unsupported format, 0 errors Executing(%check): /bin/sh -e /var/tmp/rpm-tmp.L1OQPe + umask 022 + cd /builddir/build/BUILD/python-pysaml2-7.4.2-build + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CFLAGS + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + export CXXFLAGS + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FFLAGS + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/lib64/gfortran/modules ' + export FCFLAGS + VALAFLAGS=-g + export VALAFLAGS + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + export RUSTFLAGS + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + export LDFLAGS + LT_SYS_LIBRARY_PATH=/usr/lib64: + export LT_SYS_LIBRARY_PATH + CC=gcc + export CC + CXX=g++ + export CXX + cd pysaml2-7.4.2 + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer ' + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + PATH=/builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin + PYTHONPATH=/builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib64/python3.13/site-packages:/builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages + PYTHONDONTWRITEBYTECODE=1 + PYTEST_ADDOPTS=' --ignore=/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/.pyproject-builddir' + PYTEST_XDIST_AUTO_NUM_WORKERS=2 + /usr/bin/pytest ============================= test session starts ============================== platform linux -- Python 3.13.0, pytest-8.3.3, pluggy-1.5.0 -- /usr/bin/python3 cachedir: .pytest_cache rootdir: /builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2 configfile: pyproject.toml testpaths: tests collecting ... collected 785 items tests/test_00_xmldsig.py::TestObject::testAccessors PASSED [ 0%] tests/test_00_xmldsig.py::TestObject::testUsingTestData PASSED [ 0%] tests/test_00_xmldsig.py::TestMgmtData::testAccessors PASSED [ 0%] tests/test_00_xmldsig.py::TestMgmtData::testUsingTestData PASSED [ 0%] tests/test_00_xmldsig.py::TestSPKISexp::testAccessors PASSED [ 0%] tests/test_00_xmldsig.py::TestSPKISexp::testUsingTestData PASSED [ 0%] tests/test_00_xmldsig.py::TestSPKIData::testAccessors PASSED [ 0%] tests/test_00_xmldsig.py::TestSPKIData::testUsingTestData PASSED [ 1%] tests/test_00_xmldsig.py::TestPGPData::testAccessors PASSED [ 1%] tests/test_00_xmldsig.py::TestPGPData::testUsingTestData PASSED [ 1%] tests/test_00_xmldsig.py::TestX509IssuerSerial::testAccessors PASSED [ 1%] tests/test_00_xmldsig.py::TestX509IssuerSerial::testUsingTestData PASSED [ 1%] tests/test_00_xmldsig.py::TestX509Data::testAccessors PASSED [ 1%] tests/test_00_xmldsig.py::TestX509Data::testUsingTestData PASSED [ 1%] tests/test_00_xmldsig.py::TestTransform::testAccessors PASSED [ 1%] tests/test_00_xmldsig.py::TestTransform::testUsingTestData PASSED [ 2%] tests/test_00_xmldsig.py::TestTransforms::testAccessors PASSED [ 2%] tests/test_00_xmldsig.py::TestTransforms::testUsingTestData PASSED [ 2%] tests/test_00_xmldsig.py::TestRetrievalMethod::testAccessors PASSED [ 2%] tests/test_00_xmldsig.py::TestRetrievalMethod::testUsingTestData PASSED [ 2%] tests/test_00_xmldsig.py::TestRSAKeyValue::testAccessors PASSED [ 2%] tests/test_00_xmldsig.py::TestRSAKeyValue::testUsingTestData PASSED [ 2%] tests/test_00_xmldsig.py::TestDSAKeyValue::testAccessors PASSED [ 2%] tests/test_00_xmldsig.py::TestDSAKeyValue::testUsingTestData PASSED [ 3%] tests/test_00_xmldsig.py::TestKeyValue::testAccessors PASSED [ 3%] tests/test_00_xmldsig.py::TestKeyValue::testUsingTestData PASSED [ 3%] tests/test_00_xmldsig.py::TestKeyName::testAccessors PASSED [ 3%] tests/test_00_xmldsig.py::TestKeyName::testUsingTestData PASSED [ 3%] tests/test_00_xmldsig.py::TestKeyInfo::testAccessors PASSED [ 3%] tests/test_00_xmldsig.py::TestKeyInfo::testUsingTestData PASSED [ 3%] tests/test_00_xmldsig.py::TestDigestValue::testAccessors PASSED [ 3%] tests/test_00_xmldsig.py::TestDigestValue::testUsingTestData PASSED [ 4%] tests/test_00_xmldsig.py::TestDigestMethod::testAccessors PASSED [ 4%] tests/test_00_xmldsig.py::TestDigestMethod::testUsingTestData PASSED [ 4%] tests/test_00_xmldsig.py::TestReference::testAccessors PASSED [ 4%] tests/test_00_xmldsig.py::TestReference::testUsingTestData PASSED [ 4%] tests/test_00_xmldsig.py::TestSignatureMethod::testAccessors PASSED [ 4%] tests/test_00_xmldsig.py::TestSignatureMethod::testUsingTestData PASSED [ 4%] tests/test_00_xmldsig.py::TestCanonicalizationMethod::testAccessors PASSED [ 4%] tests/test_00_xmldsig.py::TestCanonicalizationMethod::testUsingTestData PASSED [ 5%] tests/test_00_xmldsig.py::TestSignedInfo::testAccessors PASSED [ 5%] tests/test_00_xmldsig.py::TestSignedInfo::testUsingTestData PASSED [ 5%] tests/test_00_xmldsig.py::TestSignatureValue::testAccessors PASSED [ 5%] tests/test_00_xmldsig.py::TestSignatureValue::testUsingTestData PASSED [ 5%] tests/test_00_xmldsig.py::TestSignature::testAccessors PASSED [ 5%] tests/test_00_xmldsig.py::TestSignature::testUsingTestData PASSED [ 5%] tests/test_01_xmlenc.py::test_1 PASSED [ 5%] tests/test_01_xmlenc.py::test_2 PASSED [ 6%] tests/test_01_xmlenc.py::test_3 PASSED [ 6%] tests/test_01_xmlenc.py::test_4 PASSED [ 6%] tests/test_01_xmlenc.py::test_5 PASSED [ 6%] tests/test_01_xmlenc.py::test_6 PASSED [ 6%] tests/test_02_saml.py::TestExtensionElement::test_loadd PASSED [ 6%] tests/test_02_saml.py::TestExtensionElement::test_find_children PASSED [ 6%] tests/test_02_saml.py::TestExtensionContainer::test_find_extensions PASSED [ 7%] tests/test_02_saml.py::TestExtensionContainer::test_add_extension_elements PASSED [ 7%] tests/test_02_saml.py::TestExtensionContainer::test_add_extension_attribute PASSED [ 7%] tests/test_02_saml.py::TestSAMLBase::test_make_vals_dict PASSED [ 7%] tests/test_02_saml.py::TestSAMLBase::test_make_vals_str PASSED [ 7%] tests/test_02_saml.py::TestSAMLBase::test_make_vals_multi_dict PASSED [ 7%] tests/test_02_saml.py::TestSAMLBase::test_to_string_nspair PASSED [ 7%] tests/test_02_saml.py::TestSAMLBase::test_set_text_empty PASSED [ 7%] tests/test_02_saml.py::TestSAMLBase::test_set_text_value PASSED [ 8%] tests/test_02_saml.py::TestSAMLBase::test_set_text_update_same_type PASSED [ 8%] tests/test_02_saml.py::TestSAMLBase::test_set_text_cannot_change_value_type PASSED [ 8%] tests/test_02_saml.py::TestSAMLBase::test_set_xs_type_anytype_unchanged_value PASSED [ 8%] tests/test_02_saml.py::TestSAMLBase::test_set_xs_type_date PASSED [ 8%] tests/test_02_saml.py::TestSAMLBase::test_treat_invalid_types_as_string PASSED [ 8%] tests/test_02_saml.py::TestSAMLBase::test_make_vals_div PASSED [ 8%] tests/test_02_saml.py::TestNameID::testEmptyExtensionsList PASSED [ 8%] tests/test_02_saml.py::TestNameID::testFormatAttribute PASSED [ 9%] tests/test_02_saml.py::TestNameID::testNameIDText PASSED [ 9%] tests/test_02_saml.py::TestNameID::testSPProvidedID PASSED [ 9%] tests/test_02_saml.py::TestNameID::testEmptyNameIDToAndFromStringMatch PASSED [ 9%] tests/test_02_saml.py::TestNameID::testNameIDToAndFromStringMatch PASSED [ 9%] tests/test_02_saml.py::TestNameID::testExtensionAttributes PASSED [ 9%] tests/test_02_saml.py::TestNameID::testname_id_from_string PASSED [ 9%] tests/test_02_saml.py::TestIssuer::testIssuerToAndFromString PASSED [ 9%] tests/test_02_saml.py::TestIssuer::testUsingTestData PASSED [ 10%] tests/test_02_saml.py::TestSubjectLocality::testAccessors PASSED [ 10%] tests/test_02_saml.py::TestSubjectLocality::testUsingTestData PASSED [ 10%] tests/test_02_saml.py::TestAuthnContextClassRef::testAccessors PASSED [ 10%] tests/test_02_saml.py::TestAuthnContextClassRef::testUsingTestData PASSED [ 10%] tests/test_02_saml.py::TestAuthnContextDeclRef::testAccessors PASSED [ 10%] tests/test_02_saml.py::TestAuthnContextDeclRef::testUsingTestData PASSED [ 10%] tests/test_02_saml.py::TestAuthnContextDecl::testAccessors PASSED [ 10%] tests/test_02_saml.py::TestAuthnContextDecl::testUsingTestData PASSED [ 11%] tests/test_02_saml.py::TestAuthenticatingAuthority::testAccessors PASSED [ 11%] tests/test_02_saml.py::TestAuthenticatingAuthority::testUsingTestData PASSED [ 11%] tests/test_02_saml.py::TestAuthnContext::testAccessors PASSED [ 11%] tests/test_02_saml.py::TestAuthnContext::testUsingTestData PASSED [ 11%] tests/test_02_saml.py::TestAuthnStatement::testAccessors PASSED [ 11%] tests/test_02_saml.py::TestAuthnStatement::testUsingTestData PASSED [ 11%] tests/test_02_saml.py::TestAttributeValue::testAccessors PASSED [ 11%] tests/test_02_saml.py::TestAttributeValue::testUsingTestData PASSED [ 12%] tests/test_02_saml.py::TestAttribute::testAccessors PASSED [ 12%] tests/test_02_saml.py::TestAttribute::testUsingTestData PASSED [ 12%] tests/test_02_saml.py::TestAttribute::test_basic_str PASSED [ 12%] tests/test_02_saml.py::TestAttribute::test_basic_int PASSED [ 12%] tests/test_02_saml.py::TestAttribute::test_basic_base64 PASSED [ 12%] tests/test_02_saml.py::TestAttribute::test_basic_boolean_true PASSED [ 12%] tests/test_02_saml.py::TestAttribute::test_basic_boolean_false PASSED [ 12%] tests/test_02_saml.py::TestAttributeStatement::testAccessors PASSED [ 13%] tests/test_02_saml.py::TestAttributeStatement::testUsingTestData PASSED [ 13%] tests/test_02_saml.py::TestSubjectConfirmationData::testAccessors PASSED [ 13%] tests/test_02_saml.py::TestSubjectConfirmationData::testUsingTestData PASSED [ 13%] tests/test_02_saml.py::TestSubjectConfirmation::testAccessors PASSED [ 13%] tests/test_02_saml.py::TestSubjectConfirmation::testBearerUsingTestData PASSED [ 13%] tests/test_02_saml.py::TestSubjectConfirmation::testHolderOfKeyUsingTestData PASSED [ 13%] tests/test_02_saml.py::TestSubject::testAccessors PASSED [ 14%] tests/test_02_saml.py::TestSubject::testUsingTestData PASSED [ 14%] tests/test_02_saml.py::TestCondition::testAccessors PASSED [ 14%] tests/test_02_saml.py::TestCondition::testUsingTestData PASSED [ 14%] tests/test_02_saml.py::TestAudience::testAccessors PASSED [ 14%] tests/test_02_saml.py::TestAudience::testUsingTestData PASSED [ 14%] tests/test_02_saml.py::TestAudienceRestriction::testAccessors PASSED [ 14%] tests/test_02_saml.py::TestAudienceRestriction::testUsingTestData PASSED [ 14%] tests/test_02_saml.py::TestOneTimeUse::testAccessors PASSED [ 15%] tests/test_02_saml.py::TestOneTimeUse::testUsingTestData PASSED [ 15%] tests/test_02_saml.py::TestProxyRestriction::testAccessors PASSED [ 15%] tests/test_02_saml.py::TestProxyRestriction::testUsingTestData PASSED [ 15%] tests/test_02_saml.py::TestConditions::testAccessors PASSED [ 15%] tests/test_02_saml.py::TestConditions::testUsingTestData PASSED [ 15%] tests/test_02_saml.py::TestAssertionIDRef::testAccessors PASSED [ 15%] tests/test_02_saml.py::TestAssertionIDRef::testUsingTestData PASSED [ 15%] tests/test_02_saml.py::TestAssertionURIRef::testAccessors PASSED [ 16%] tests/test_02_saml.py::TestAssertionURIRef::testUsingTestData PASSED [ 16%] tests/test_02_saml.py::TestAction::testAccessors PASSED [ 16%] tests/test_02_saml.py::TestAction::testUsingTestData PASSED [ 16%] tests/test_02_saml.py::TestEvidence::testAccessors PASSED [ 16%] tests/test_02_saml.py::TestEvidence::testUsingTestData PASSED [ 16%] tests/test_02_saml.py::TestAuthzDecisionStatement::testAccessors PASSED [ 16%] tests/test_02_saml.py::TestAuthzDecisionStatement::testUsingTestData PASSED [ 16%] tests/test_02_saml.py::TestAdvice::testAccessors PASSED [ 17%] tests/test_02_saml.py::TestAdvice::testUsingTestData PASSED [ 17%] tests/test_02_saml.py::TestAssertion::testAccessors PASSED [ 17%] tests/test_02_saml.py::TestAssertion::testUsingTestData PASSED [ 17%] tests/test_03_saml2.py::test_create_class_from_xml_string_nameid PASSED [ 17%] tests/test_03_saml2.py::test_create_class_from_xml_string_issuer PASSED [ 17%] tests/test_03_saml2.py::test_create_class_from_xml_string_subject_locality PASSED [ 17%] tests/test_03_saml2.py::test_create_class_from_xml_string_subject_confirmation_data PASSED [ 17%] tests/test_03_saml2.py::test_create_class_from_xml_string_subject_confirmation PASSED [ 18%] tests/test_03_saml2.py::test_create_class_from_xml_string_wrong_class_spec PASSED [ 18%] tests/test_03_saml2.py::test_create_class_from_xml_string_xxe PASSED [ 18%] tests/test_03_saml2.py::test_ee_1 PASSED [ 18%] tests/test_03_saml2.py::test_ee_2 PASSED [ 18%] tests/test_03_saml2.py::test_ee_3 PASSED [ 18%] tests/test_03_saml2.py::test_ee_4 PASSED [ 18%] tests/test_03_saml2.py::test_ee_5 PASSED [ 18%] tests/test_03_saml2.py::test_ee_6 PASSED [ 19%] tests/test_03_saml2.py::test_nameid_with_extension PASSED [ 19%] tests/test_03_saml2.py::test_subject_confirmation_with_extension PASSED [ 19%] tests/test_03_saml2.py::test_to_fro_string_1 PASSED [ 19%] tests/test_03_saml2.py::test_make_vals_str PASSED [ 19%] tests/test_03_saml2.py::test_make_vals_list_of_strs PASSED [ 19%] tests/test_03_saml2.py::test_attribute_element_to_extension_element PASSED [ 19%] tests/test_03_saml2.py::test_ee_7 PASSED [ 20%] tests/test_03_saml2.py::test_ee_xxe PASSED [ 20%] tests/test_03_saml2.py::test_extension_element_loadd PASSED [ 20%] tests/test_03_saml2.py::test_extensions_loadd PASSED [ 20%] tests/test_04_samlp.py::TestStatusDetail::testAccessors PASSED [ 20%] tests/test_04_samlp.py::TestStatusMessage::testAccessors PASSED [ 20%] tests/test_04_samlp.py::TestStatusCode::testAccessors PASSED [ 20%] tests/test_04_samlp.py::TestStatusCode::testUsingTestData PASSED [ 20%] tests/test_04_samlp.py::TestStatus::testAccessors PASSED [ 21%] tests/test_04_samlp.py::TestStatus::testUsingTestData PASSED [ 21%] tests/test_04_samlp.py::TestResponse::testAccessors PASSED [ 21%] tests/test_04_samlp.py::TestResponse::testUsingTestData PASSED [ 21%] tests/test_04_samlp.py::TestNameIDPolicy::testAccessors PASSED [ 21%] tests/test_04_samlp.py::TestNameIDPolicy::testUsingTestData PASSED [ 21%] tests/test_04_samlp.py::TestIDPEntry::testAccessors PASSED [ 21%] tests/test_04_samlp.py::TestIDPEntry::testUsingTestData PASSED [ 21%] tests/test_04_samlp.py::TestIDPList::testAccessors PASSED [ 22%] tests/test_04_samlp.py::TestIDPList::testUsingTestData PASSED [ 22%] tests/test_04_samlp.py::TestScoping::testAccessors PASSED [ 22%] tests/test_04_samlp.py::TestScoping::testUsingTestData PASSED [ 22%] tests/test_04_samlp.py::TestRequestedAuthnContext::testAccessors PASSED [ 22%] tests/test_04_samlp.py::TestRequestedAuthnContext::testUsingTestData PASSED [ 22%] tests/test_04_samlp.py::TestAuthnRequest::testAccessors PASSED [ 22%] tests/test_04_samlp.py::TestAuthnRequest::testUsingTestData PASSED [ 22%] tests/test_04_samlp.py::TestLogoutRequest::testAccessors PASSED [ 23%] tests/test_04_samlp.py::TestLogoutRequest::testUsingTestData PASSED [ 23%] tests/test_04_samlp.py::TestLogoutResponse::testAccessors PASSED [ 23%] tests/test_04_samlp.py::TestLogoutResponse::testUsingTestData PASSED [ 23%] tests/test_05_md.py::TestEndpointType::testAccessors PASSED [ 23%] tests/test_05_md.py::TestEndpointType::testUsingTestData PASSED [ 23%] tests/test_05_md.py::TestIndexedEndpointType::testAccessors PASSED [ 23%] tests/test_05_md.py::TestIndexedEndpointType::testUsingTestData PASSED [ 23%] tests/test_05_md.py::TestExtensions::testAccessors PASSED [ 24%] tests/test_05_md.py::TestOrganizationName::testAccessors PASSED [ 24%] tests/test_05_md.py::TestOrganizationName::testUsingTestData PASSED [ 24%] tests/test_05_md.py::TestOrganizationDisplayName::testAccessors PASSED [ 24%] tests/test_05_md.py::TestOrganizationDisplayName::testUsingTestData PASSED [ 24%] tests/test_05_md.py::TestOrganizationURL::testAccessors PASSED [ 24%] tests/test_05_md.py::TestOrganizationURL::testUsingTestData PASSED [ 24%] tests/test_05_md.py::TestOrganization::testAccessors PASSED [ 24%] tests/test_05_md.py::TestOrganization::testUsingTestData PASSED [ 25%] tests/test_05_md.py::TestContactPerson::testAccessors PASSED [ 25%] tests/test_05_md.py::TestContactPerson::testUsingTestData PASSED [ 25%] tests/test_05_md.py::TestAdditionalMetadataLocation::testAccessors PASSED [ 25%] tests/test_05_md.py::TestAdditionalMetadataLocation::testUsingTestData PASSED [ 25%] tests/test_05_md.py::TestEncryptionMethod::testAccessors PASSED [ 25%] tests/test_05_md.py::TestEncryptionMethod::testUsingTestData PASSED [ 25%] tests/test_05_md.py::TestKeyDescriptor::testAccessors PASSED [ 25%] tests/test_05_md.py::TestKeyDescriptor::testUsingTestData PASSED [ 26%] tests/test_05_md.py::TestRoleDescriptor::testAccessors PASSED [ 26%] tests/test_05_md.py::TestRoleDescriptor::testUsingTestData PASSED [ 26%] tests/test_05_md.py::TestArtifactResolutionService::testAccessors PASSED [ 26%] tests/test_05_md.py::TestArtifactResolutionService::testUsingTestData PASSED [ 26%] tests/test_05_md.py::TestSingleLogout::testAccessors PASSED [ 26%] tests/test_05_md.py::TestSingleLogout::testUsingTestData PASSED [ 26%] tests/test_05_md.py::TestManageNameIDService::testAccessors PASSED [ 27%] tests/test_05_md.py::TestManageNameIDService::testUsingTestData PASSED [ 27%] tests/test_05_md.py::TestNameIDFormat::testAccessors PASSED [ 27%] tests/test_05_md.py::TestNameIDFormat::testUsingTestData PASSED [ 27%] tests/test_05_md.py::TestSingleSignOnService::testAccessors PASSED [ 27%] tests/test_05_md.py::TestSingleSignOnService::testUsingTestData PASSED [ 27%] tests/test_05_md.py::TestNameIDMappingService::testAccessors PASSED [ 27%] tests/test_05_md.py::TestNameIDMappingService::testUsingTestData PASSED [ 27%] tests/test_05_md.py::TestAssertionIDRequestService::testAccessors PASSED [ 28%] tests/test_05_md.py::TestAssertionIDRequestService::testUsingTestData PASSED [ 28%] tests/test_05_md.py::TestAttributeProfile::testAccessors PASSED [ 28%] tests/test_05_md.py::TestAttributeProfile::testUsingTestData PASSED [ 28%] tests/test_05_md.py::TestIDPSSODescriptor::testAccessors PASSED [ 28%] tests/test_05_md.py::TestIDPSSODescriptor::testUsingTestData PASSED [ 28%] tests/test_05_md.py::TestIDPSSODescriptor::testUsingScope PASSED [ 28%] tests/test_05_md.py::TestAssertionConsumerService::testAccessors PASSED [ 28%] tests/test_05_md.py::TestAssertionConsumerService::testUsingTestData PASSED [ 29%] tests/test_05_md.py::TestRequestedAttribute::testAccessors PASSED [ 29%] tests/test_05_md.py::TestRequestedAttribute::testUsingTestData PASSED [ 29%] tests/test_05_md.py::TestServiceName::testAccessors PASSED [ 29%] tests/test_05_md.py::TestServiceName::testUsingTestData PASSED [ 29%] tests/test_05_md.py::TestServiceDescription::testAccessors PASSED [ 29%] tests/test_05_md.py::TestServiceDescription::testUsingTestData PASSED [ 29%] tests/test_05_md.py::TestAttributeConsumingService::testAccessors PASSED [ 29%] tests/test_05_md.py::TestAttributeConsumingService::testUsingTestData PASSED [ 30%] tests/test_05_md.py::TestSPSSODescriptor::testAccessors PASSED [ 30%] tests/test_05_md.py::TestSPSSODescriptor::testUsingTestData PASSED [ 30%] tests/test_05_md.py::TestEntityDescriptor::testAccessors PASSED [ 30%] tests/test_05_md.py::TestEntityDescriptor::testUsingTestData PASSED [ 30%] tests/test_05_md.py::TestEntitiesDescriptor::testAccessors PASSED [ 30%] tests/test_05_md.py::TestEntitiesDescriptor::testUsingTestData PASSED [ 30%] tests/test_06_setarg.py::test_path PASSED [ 30%] tests/test_06_setarg.py::test_set_arg PASSED [ 31%] tests/test_06_setarg.py::test_multi PASSED [ 31%] tests/test_06_setarg.py::test_is_set PASSED [ 31%] tests/test_10_time_util.py::test_f_quotient PASSED [ 31%] tests/test_10_time_util.py::test_modulo PASSED [ 31%] tests/test_10_time_util.py::test_f_quotient_2 PASSED [ 31%] tests/test_10_time_util.py::test_modulo_2 PASSED [ 31%] tests/test_10_time_util.py::test_parse_duration PASSED [ 31%] tests/test_10_time_util.py::test_parse_duration2 PASSED [ 32%] tests/test_10_time_util.py::test_parse_duration_n PASSED [ 32%] tests/test_10_time_util.py::test_add_duration_1 PASSED [ 32%] tests/test_10_time_util.py::test_add_duration_2 PASSED [ 32%] tests/test_10_time_util.py::test_str_to_time PASSED [ 32%] tests/test_10_time_util.py::test_instant PASSED [ 32%] tests/test_10_time_util.py::test_valid PASSED [ 32%] tests/test_10_time_util.py::test_timeout PASSED [ 32%] tests/test_10_time_util.py::test_before PASSED [ 33%] tests/test_10_time_util.py::test_after PASSED [ 33%] tests/test_10_time_util.py::test_not_before PASSED [ 33%] tests/test_10_time_util.py::test_not_on_or_after PASSED [ 33%] tests/test_12_s_utils.py::test_inflate_then_deflate PASSED [ 33%] tests/test_12_s_utils.py::test_status_success PASSED [ 33%] tests/test_12_s_utils.py::test_error_status PASSED [ 33%] tests/test_12_s_utils.py::test_status_from_exception PASSED [ 34%] tests/test_12_s_utils.py::test_status_from_tuple PASSED [ 34%] tests/test_12_s_utils.py::test_status_from_tuple_empty_message PASSED [ 34%] tests/test_12_s_utils.py::test_attribute_sn PASSED [ 34%] tests/test_12_s_utils.py::test_attribute_age PASSED [ 34%] tests/test_12_s_utils.py::test_attribute_onoff PASSED [ 34%] tests/test_12_s_utils.py::test_attribute_base64 PASSED [ 34%] tests/test_12_s_utils.py::test_attribute_statement PASSED [ 34%] tests/test_12_s_utils.py::test_audience PASSED [ 35%] tests/test_12_s_utils.py::test_conditions PASSED [ 35%] tests/test_12_s_utils.py::test_value_1 PASSED [ 35%] tests/test_12_s_utils.py::test_value_2 PASSED [ 35%] tests/test_12_s_utils.py::test_value_3 PASSED [ 35%] tests/test_12_s_utils.py::test_value_4 PASSED [ 35%] tests/test_12_s_utils.py::test_do_attribute_statement_0 PASSED [ 35%] tests/test_12_s_utils.py::test_do_attribute_statement PASSED [ 35%] tests/test_12_s_utils.py::test_do_attribute_statement_multi PASSED [ 36%] tests/test_12_s_utils.py::test_subject PASSED [ 36%] tests/test_12_s_utils.py::test_parse_attribute_map PASSED [ 36%] tests/test_12_s_utils.py::test_identity_attribute_0 PASSED [ 36%] tests/test_12_s_utils.py::test_identity_attribute_1 PASSED [ 36%] tests/test_12_s_utils.py::test_identity_attribute_2 PASSED [ 36%] tests/test_12_s_utils.py::test_identity_attribute_3 PASSED [ 36%] tests/test_12_s_utils.py::test_identity_attribute_4 PASSED [ 36%] tests/test_12_s_utils.py::test_nameformat_email PASSED [ 37%] tests/test_12_s_utils.py::test_attribute PASSED [ 37%] tests/test_12_s_utils.py::test_attribute_statement_2 PASSED [ 37%] tests/test_12_s_utils.py::test_subject_confirmation_data PASSED [ 37%] tests/test_12_s_utils.py::test_subject_confirmation PASSED [ 37%] tests/test_12_s_utils.py::test_authn_context_class_ref PASSED [ 37%] tests/test_12_s_utils.py::test_authn_context PASSED [ 37%] tests/test_12_s_utils.py::test_authn_statement PASSED [ 37%] tests/test_12_s_utils.py::test_signature PASSED [ 38%] tests/test_12_s_utils.py::test_complex_factory PASSED [ 38%] tests/test_13_validate.py::test_duration PASSED [ 38%] tests/test_13_validate.py::test_unsigned_short PASSED [ 38%] tests/test_13_validate.py::test_valid_non_negative_integer PASSED [ 38%] tests/test_13_validate.py::test_valid_string PASSED [ 38%] tests/test_13_validate.py::test_valid_anyuri PASSED [ 38%] tests/test_13_validate.py::test_valid_instance PASSED [ 38%] tests/test_13_validate.py::test_valid_anytype PASSED [ 39%] tests/test_13_validate.py::test_valid_address PASSED [ 39%] tests/test_19_attribute_converter.py::test_default PASSED [ 39%] tests/test_19_attribute_converter.py::TestAC::test_setup PASSED [ 39%] tests/test_19_attribute_converter.py::TestAC::test_ava_fro_1 PASSED [ 39%] tests/test_19_attribute_converter.py::TestAC::test_ava_fro_2 PASSED [ 39%] tests/test_19_attribute_converter.py::TestAC::test_to_attrstat_1 PASSED [ 39%] tests/test_19_attribute_converter.py::TestAC::test_to_attrstat_2 PASSED [ 40%] tests/test_19_attribute_converter.py::TestAC::test_to_local_name PASSED [ 40%] tests/test_19_attribute_converter.py::TestAC::test_to_local_name_from_unspecified PASSED [ 40%] tests/test_19_attribute_converter.py::TestAC::test_to_local_name_from_basic PASSED [ 40%] tests/test_19_attribute_converter.py::TestAC::test_to_and_for PASSED [ 40%] tests/test_19_attribute_converter.py::TestAC::test_unspecified_name_format PASSED [ 40%] tests/test_19_attribute_converter.py::TestAC::test_mixed_attributes_1 PASSED [ 40%] tests/test_19_attribute_converter.py::TestAC::test_adjust_with_only_from_defined PASSED [ 40%] tests/test_19_attribute_converter.py::TestAC::test_adjust_with_only_to_defined PASSED [ 41%] tests/test_19_attribute_converter.py::TestAC::test_adjust_with_no_mapping_defined PASSED [ 41%] tests/test_19_attribute_converter.py::TestAC::test_from_local_nest_eduPersonTargetedID_in_NameID PASSED [ 41%] tests/test_19_attribute_converter.py::TestAC::test_from_local_eduPersonTargetedID_with_qualifiers PASSED [ 41%] tests/test_19_attribute_converter.py::test_noop_attribute_conversion PASSED [ 41%] tests/test_19_attribute_converter.py::TestSchac::test PASSED [ 41%] tests/test_19_attribute_converter.py::TestEIDAS::test PASSED [ 41%] tests/test_20_assertion.py::test_filter_on_attributes_0 PASSED [ 41%] tests/test_20_assertion.py::test_filter_on_attributes_1 PASSED [ 42%] tests/test_20_assertion.py::test_filter_on_attributes_2 PASSED [ 42%] tests/test_20_assertion.py::test_filter_on_attributes_without_friendly_name PASSED [ 42%] tests/test_20_assertion.py::test_filter_on_attributes_with_missing_required_attribute PASSED [ 42%] tests/test_20_assertion.py::test_filter_on_attributes_with_missing_optional_attribute PASSED [ 42%] tests/test_20_assertion.py::test_filter_on_attributes_with_missing_name_format PASSED [ 42%] tests/test_20_assertion.py::test_lifetime_1 PASSED [ 42%] tests/test_20_assertion.py::test_lifetime_2 PASSED [ 42%] tests/test_20_assertion.py::test_ava_filter_1 PASSED [ 43%] tests/test_20_assertion.py::test_ava_filter_2 PASSED [ 43%] tests/test_20_assertion.py::test_ava_filter_dont_fail PASSED [ 43%] tests/test_20_assertion.py::test_filter_attribute_value_assertions_0 PASSED [ 43%] tests/test_20_assertion.py::test_filter_attribute_value_assertions_1 PASSED [ 43%] tests/test_20_assertion.py::test_filter_attribute_value_assertions_2 PASSED [ 43%] tests/test_20_assertion.py::test_assertion_1 PASSED [ 43%] tests/test_20_assertion.py::test_assertion_2 PASSED [ 43%] tests/test_20_assertion.py::test_filter_values_req_2 PASSED [ 44%] tests/test_20_assertion.py::test_filter_values_req_3 PASSED [ 44%] tests/test_20_assertion.py::test_filter_values_req_4 PASSED [ 44%] tests/test_20_assertion.py::test_filter_values_req_5 PASSED [ 44%] tests/test_20_assertion.py::test_filter_values_req_6 PASSED [ 44%] tests/test_20_assertion.py::test_filter_values_req_opt_0 PASSED [ 44%] tests/test_20_assertion.py::test_filter_values_req_opt_1 PASSED [ 44%] tests/test_20_assertion.py::test_filter_values_req_opt_2 PASSED [ 44%] tests/test_20_assertion.py::test_filter_values_req_opt_4 PASSED [ 45%] tests/test_20_assertion.py::test_filter_ava_0 PASSED [ 45%] tests/test_20_assertion.py::test_filter_ava_1 PASSED [ 45%] tests/test_20_assertion.py::test_filter_ava_2 PASSED [ 45%] tests/test_20_assertion.py::test_filter_ava_3 PASSED [ 45%] tests/test_20_assertion.py::test_filter_ava_4 PASSED [ 45%] tests/test_20_assertion.py::test_req_opt PASSED [ 45%] tests/test_20_assertion.py::test_filter_on_wire_representation_1 PASSED [ 45%] tests/test_20_assertion.py::test_filter_on_wire_representation_2 PASSED [ 46%] tests/test_20_assertion.py::test_assertion_with_noop_attribute_conv PASSED [ 46%] tests/test_20_assertion.py::test_filter_ava_5 PASSED [ 46%] tests/test_20_assertion.py::test_filter_ava_registration_authority_1 PASSED [ 46%] tests/test_20_assertion.py::test_assertion_with_zero_attributes PASSED [ 46%] tests/test_20_assertion.py::test_assertion_with_authn_instant PASSED [ 46%] tests/test_20_assertion.py::test_attribute_producer_should_default_to_uri PASSED [ 46%] tests/test_20_assertion.py::test_attribute_consumer_should_default_to_unspecified PASSED [ 47%] tests/test_22_mdie.py::test_construct_contact PASSED [ 47%] tests/test_30_mdstore.py::test_invalid_metadata PASSED [ 47%] tests/test_30_mdstore.py::test_empty_metadata PASSED [ 47%] tests/test_30_mdstore.py::test_swami_1 PASSED [ 47%] tests/test_30_mdstore.py::test_incommon_1 PASSED [ 47%] tests/test_30_mdstore.py::test_ext_2 PASSED [ 47%] tests/test_30_mdstore.py::test_example PASSED [ 47%] tests/test_30_mdstore.py::test_switch_1 PASSED [ 48%] tests/test_30_mdstore.py::test_metadata_file PASSED [ 48%] tests/test_30_mdstore.py::test_mdx_service PASSED [ 48%] tests/test_30_mdstore.py::test_mdx_service_request_timeout PASSED [ 48%] tests/test_30_mdstore.py::test_mdx_single_sign_on_service PASSED [ 48%] tests/test_30_mdstore.py::test_mdx_metadata_freshness_period_not_expired PASSED [ 48%] tests/test_30_mdstore.py::test_mdx_metadata_freshness_period_expired PASSED [ 48%] tests/test_30_mdstore.py::test_load_local_dir PASSED [ 48%] tests/test_30_mdstore.py::test_load_extern_incommon PASSED [ 49%] tests/test_30_mdstore.py::test_load_local PASSED [ 49%] tests/test_30_mdstore.py::test_load_remote_encoding PASSED [ 49%] tests/test_30_mdstore.py::test_load_string PASSED [ 49%] tests/test_30_mdstore.py::test_get_certs_from_metadata PASSED [ 49%] tests/test_30_mdstore.py::test_get_unnamed_certs_from_metadata PASSED [ 49%] tests/test_30_mdstore.py::test_get_named_certs_from_metadata PASSED [ 49%] tests/test_30_mdstore.py::test_get_certs_from_metadata_without_keydescriptor PASSED [ 49%] tests/test_30_mdstore.py::test_metadata_extension_algsupport PASSED [ 50%] tests/test_30_mdstore.py::test_supported_algorithms PASSED [ 50%] tests/test_30_mdstore.py::test_registration_info PASSED [ 50%] tests/test_30_mdstore.py::test_registration_info_no_policy PASSED [ 50%] tests/test_30_mdstore.py::test_subject_id_requirement PASSED [ 50%] tests/test_30_mdstore.py::test_extension PASSED [ 50%] tests/test_30_mdstore.py::test_shibmd_scope_no_regex_no_descriptor_type PASSED [ 50%] tests/test_30_mdstore.py::test_shibmd_scope_no_regex_all_descriptors PASSED [ 50%] tests/test_30_mdstore_old.py::test_swami_1 PASSED [ 51%] tests/test_30_mdstore_old.py::test_incommon_1 PASSED [ 51%] tests/test_30_mdstore_old.py::test_ext_2 PASSED [ 51%] tests/test_30_mdstore_old.py::test_example PASSED [ 51%] tests/test_30_mdstore_old.py::test_switch_1 PASSED [ 51%] tests/test_30_mdstore_old.py::test_metadata_file PASSED [ 51%] tests/test_30_mdstore_old.py::test_load_local_dir PASSED [ 51%] tests/test_30_mdstore_old.py::test_load_external PASSED [ 51%] tests/test_30_mdstore_old.py::test_load_string PASSED [ 52%] tests/test_31_config.py::test_1 PASSED [ 52%] tests/test_31_config.py::test_2 PASSED [ 52%] tests/test_31_config.py::test_minimum PASSED [ 52%] tests/test_31_config.py::test_idp_1 PASSED [ 52%] tests/test_31_config.py::test_idp_2 PASSED [ 52%] tests/test_31_config.py::test_wayf PASSED [ 52%] tests/test_31_config.py::test_conf_syslog PASSED [ 52%] tests/test_31_config.py::test_3 PASSED [ 53%] tests/test_31_config.py::test_sp PASSED [ 53%] tests/test_31_config.py::test_dual PASSED [ 53%] tests/test_31_config.py::test_ecp PASSED [ 53%] tests/test_31_config.py::test_assertion_consumer_service PASSED [ 53%] tests/test_31_config.py::test_crypto_backend PASSED [ 53%] tests/test_31_config.py::test_unset_force_authn PASSED [ 53%] tests/test_31_config.py::test_set_force_authn PASSED [ 54%] tests/test_32_cache.py::TestClass::test_set PASSED [ 54%] tests/test_32_cache.py::TestClass::test_add_ava_info PASSED [ 54%] tests/test_32_cache.py::TestClass::test_from_one_target_source PASSED [ 54%] tests/test_32_cache.py::TestClass::test_entities PASSED [ 54%] tests/test_32_cache.py::TestClass::test_remove_info PASSED [ 54%] tests/test_32_cache.py::TestClass::test_active PASSED [ 54%] tests/test_32_cache.py::TestClass::test_subjects PASSED [ 54%] tests/test_32_cache.py::TestClass::test_second_subject PASSED [ 55%] tests/test_32_cache.py::TestClass::test_receivers PASSED [ 55%] tests/test_32_cache.py::TestClass::test_timeout PASSED [ 55%] tests/test_33_identifier.py::TestIdentifier::test_persistent_1 PASSED [ 55%] tests/test_33_identifier.py::TestIdentifier::test_persistent_2 PASSED [ 55%] tests/test_33_identifier.py::TestIdentifier::test_transient_1 PASSED [ 55%] tests/test_33_identifier.py::TestIdentifier::test_vo_1 PASSED [ 55%] tests/test_33_identifier.py::TestIdentifier::test_vo_2 PASSED [ 55%] tests/test_33_identifier.py::TestIdentifier::test_persistent_nameid PASSED [ 56%] tests/test_33_identifier.py::TestIdentifier::test_transient_nameid PASSED [ 56%] tests/test_34_population.py::TestPopulationMemoryBased::test_add_person PASSED [ 56%] tests/test_34_population.py::TestPopulationMemoryBased::test_extend_person PASSED [ 56%] tests/test_34_population.py::TestPopulationMemoryBased::test_add_another_person PASSED [ 56%] tests/test_34_population.py::TestPopulationMemoryBased::test_modify_person PASSED [ 56%] tests/test_36_mdbcache.py::TestMongoDBCache::test_set_get_1 PASSED [ 56%] tests/test_36_mdbcache.py::TestMongoDBCache::test_set_get_2 PASSED [ 56%] tests/test_36_mdbcache.py::TestMongoDBCache::test_remove PASSED [ 57%] tests/test_36_mdbcache.py::TestMongoDBCache::test_subjects PASSED [ 57%] tests/test_36_mdbcache.py::TestMongoDBCache::test_identity PASSED [ 57%] tests/test_36_mdbcache.py::TestMongoDBCache::test_remove_2 PASSED [ 57%] tests/test_37_entity_categories.py::test_filter_ava PASSED [ 57%] tests/test_37_entity_categories.py::test_filter_ava2 PASSED [ 57%] tests/test_37_entity_categories.py::test_filter_ava3 PASSED [ 57%] tests/test_37_entity_categories.py::test_filter_ava4 PASSED [ 57%] tests/test_37_entity_categories.py::test_filter_ava5 PASSED [ 58%] tests/test_37_entity_categories.py::test_idp_policy_filter PASSED [ 58%] tests/test_37_entity_categories.py::test_entity_category_import_from_path PASSED [ 58%] tests/test_37_entity_categories.py::test_filter_ava_required_attributes_with_no_friendly_name PASSED [ 58%] tests/test_37_entity_categories.py::test_filter_ava_esi_coco PASSED [ 58%] tests/test_37_entity_categories.py::test_filter_ava_refeds_anonymous_access SKIPPED [ 58%] tests/test_37_entity_categories.py::test_filter_ava_refeds_pseudonymous_access SKIPPED [ 58%] tests/test_37_entity_categories.py::test_filter_ava_refeds_personalized_access SKIPPED [ 58%] tests/test_38_metadata_filter.py::test_swamid_sp PASSED [ 59%] tests/test_38_metadata_filter.py::test_swamid_idp PASSED [ 59%] tests/test_39_metadata.py::test_requested_attribute_name_format PASSED [ 59%] tests/test_39_metadata.py::test_signed_metadata_proper_str_bytes_handling FAILED [ 59%] tests/test_39_metadata.py::test_cert_trailing_newlines_ignored PASSED [ 59%] tests/test_39_metadata.py::test_invalid_cert_raises_error PASSED [ 59%] tests/test_40_sigver.py::test_cert_from_instance_1 PASSED [ 59%] tests/test_40_sigver.py::test_cert_from_instance_ssp SKIPPED (pyasn1 is not installed) [ 60%] tests/test_40_sigver.py::TestSecurity::test_verify_1 PASSED [ 60%] tests/test_40_sigver.py::TestSecurity::test_non_verify_1 PASSED [ 60%] tests/test_40_sigver.py::TestSecurity::test_sign_assertion FAILED [ 60%] tests/test_40_sigver.py::TestSecurity::test_multiple_signatures_assertion FAILED [ 60%] tests/test_40_sigver.py::TestSecurity::test_multiple_signatures_response FAILED [ 60%] tests/test_40_sigver.py::TestSecurity::test_sign_response FAILED [ 60%] tests/test_40_sigver.py::TestSecurity::test_sign_response_2 FAILED [ 60%] tests/test_40_sigver.py::TestSecurity::test_sign_verify FAILED [ 61%] tests/test_40_sigver.py::TestSecurity::test_sign_verify_with_cert_from_instance FAILED [ 61%] tests/test_40_sigver.py::TestSecurity::test_sign_verify_assertion_with_cert_from_instance FAILED [ 61%] tests/test_40_sigver.py::TestSecurity::test_exception_sign_verify_with_cert_from_instance FAILED [ 61%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_verify_1 PASSED [ 61%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_non_verify_1 PASSED [ 61%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_assertion FAILED [ 61%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_multiple_signatures_assertion FAILED [ 61%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_multiple_signatures_response FAILED [ 62%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_response FAILED [ 62%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_response_2 FAILED [ 62%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_verify FAILED [ 62%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_verify_with_cert_from_instance FAILED [ 62%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_verify_assertion_with_cert_from_instance FAILED [ 62%] tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_exception_sign_verify_with_cert_from_instance FAILED [ 62%] tests/test_40_sigver.py::test_xbox FAILED [ 62%] tests/test_40_sigver.py::test_xbox_non_ascii_ava FAILED [ 63%] tests/test_40_sigver.py::test_okta PASSED [ 63%] tests/test_40_sigver.py::test_xmlsec_err PASSED [ 63%] tests/test_40_sigver.py::test_xmlsec_err_non_ascii_ava PASSED [ 63%] tests/test_40_sigver.py::test_sha256_signing PASSED [ 63%] tests/test_40_sigver.py::test_sha256_signing_non_ascii_ava PASSED [ 63%] tests/test_40_sigver.py::test_xmlsec_output_line_parsing PASSED [ 63%] tests/test_40_sigver.py::test_xmlsec_v1_3_x_output_line_parsing PASSED [ 63%] tests/test_40_sigver.py::test_cert_trailing_newlines_ignored PASSED [ 64%] tests/test_40_sigver.py::test_invalid_cert_raises_error PASSED [ 64%] tests/test_40_sigver.py::test_der_certificate_loading PASSED [ 64%] tests/test_41_response.py::TestResponse::test_1 ERROR [ 64%] tests/test_41_response.py::TestResponse::test_2 ERROR [ 64%] tests/test_41_response.py::TestResponse::test_issuer_none ERROR [ 64%] tests/test_41_response.py::TestResponse::test_false_sign ERROR [ 64%] tests/test_41_response.py::TestResponse::test_other_response ERROR [ 64%] tests/test_42_enc.py::test_pre_enc_key_format PASSED [ 65%] tests/test_42_enc.py::test_pre_enc_with_pregenerated_key PASSED [ 65%] tests/test_42_enc.py::test_pre_enc_with_generated_key PASSED [ 65%] tests/test_42_enc.py::test_pre_enc_with_named_key PASSED [ 65%] tests/test_42_enc.py::test_reshuffle_response PASSED [ 65%] tests/test_42_enc.py::test_enc1 PASSED [ 65%] tests/test_42_enc.py::test_enc2 PASSED [ 65%] tests/test_43_soap.py::test_parse_soap_envelope PASSED [ 65%] tests/test_43_soap.py::test_make_soap_envelope PASSED [ 66%] tests/test_43_soap.py::test_parse_soap_enveloped_saml_thingy_xxe PASSED [ 66%] tests/test_43_soap.py::test_class_instances_from_soap_enveloped_saml_thingies_xxe PASSED [ 66%] tests/test_43_soap.py::test_open_soap_envelope_xxe PASSED [ 66%] tests/test_44_authnresp.py::TestAuthnResponse::test_verify_1 ERROR [ 66%] tests/test_44_authnresp.py::TestAuthnResponse::test_verify_signed_1 ERROR [ 66%] tests/test_44_authnresp.py::TestAuthnResponse::test_parse_2 ERROR [ 66%] tests/test_44_authnresp.py::TestAuthnResponse::test_verify_w_authn ERROR [ 67%] tests/test_44_authnresp.py::TestAuthnResponse::test_unpack_nested_eptid ERROR [ 67%] tests/test_44_authnresp.py::TestAuthnResponse::test_multiple_attribute_statement ERROR [ 67%] tests/test_50_server.py::TestServer1::test_issuer PASSED [ 67%] tests/test_50_server.py::TestServer1::test_assertion PASSED [ 67%] tests/test_50_server.py::TestServer1::test_response PASSED [ 67%] tests/test_50_server.py::TestServer1::test_parse_faulty_request PASSED [ 67%] tests/test_50_server.py::TestServer1::test_parse_faulty_request_to_err_status PASSED [ 67%] tests/test_50_server.py::TestServer1::test_parse_ok_request PASSED [ 68%] tests/test_50_server.py::TestServer1::test_sso_response_with_identity PASSED [ 68%] tests/test_50_server.py::TestServer1::test_sso_response_without_identity PASSED [ 68%] tests/test_50_server.py::TestServer1::test_sso_response_specific_instant PASSED [ 68%] tests/test_50_server.py::TestServer1::test_sso_failure_response PASSED [ 68%] tests/test_50_server.py::TestServer1::test_authn_response_0 PASSED [ 68%] tests/test_50_server.py::TestServer1::test_signed_response FAILED [ 68%] tests/test_50_server.py::TestServer1::test_signed_response_1 FAILED [ 68%] tests/test_50_server.py::TestServer1::test_signed_response_2 FAILED [ 69%] tests/test_50_server.py::TestServer1::test_signed_response_3 FAILED [ 69%] tests/test_50_server.py::TestServer1::test_encrypted_signed_response_1 FAILED [ 69%] tests/test_50_server.py::TestServer1::test_encrypted_signed_response_2 FAILED [ 69%] tests/test_50_server.py::TestServer1::test_encrypted_signed_response_3 FAILED [ 69%] tests/test_50_server.py::TestServer1::test_encrypted_signed_response_4 FAILED [ 69%] tests/test_50_server.py::TestServer1::test_encrypted_response_1 PASSED [ 69%] tests/test_50_server.py::TestServer1::test_encrypted_response_2 PASSED [ 69%] tests/test_50_server.py::TestServer1::test_encrypted_response_3 PASSED [ 70%] tests/test_50_server.py::TestServer1::test_encrypted_response_4 PASSED [ 70%] tests/test_50_server.py::TestServer1::test_encrypted_response_5 PASSED [ 70%] tests/test_50_server.py::TestServer1::test_encrypted_response_6 PASSED [ 70%] tests/test_50_server.py::TestServer1::test_encrypted_response_7 PASSED [ 70%] tests/test_50_server.py::TestServer1::test_encrypted_response_8 PASSED [ 70%] tests/test_50_server.py::TestServer1::test_encrypted_response_9 PASSED [ 70%] tests/test_50_server.py::TestServer1::test_slo_http_post PASSED [ 70%] tests/test_50_server.py::TestServer1::test_slo_soap PASSED [ 71%] tests/test_50_server.py::TestServer1NonAsciiAva::test_issuer PASSED [ 71%] tests/test_50_server.py::TestServer1NonAsciiAva::test_assertion PASSED [ 71%] tests/test_50_server.py::TestServer1NonAsciiAva::test_response PASSED [ 71%] tests/test_50_server.py::TestServer1NonAsciiAva::test_parse_faulty_request PASSED [ 71%] tests/test_50_server.py::TestServer1NonAsciiAva::test_parse_faulty_request_to_err_status PASSED [ 71%] tests/test_50_server.py::TestServer1NonAsciiAva::test_parse_ok_request PASSED [ 71%] tests/test_50_server.py::TestServer1NonAsciiAva::test_sso_response_with_identity PASSED [ 71%] tests/test_50_server.py::TestServer1NonAsciiAva::test_sso_response_without_identity PASSED [ 72%] tests/test_50_server.py::TestServer1NonAsciiAva::test_sso_response_specific_instant PASSED [ 72%] tests/test_50_server.py::TestServer1NonAsciiAva::test_sso_failure_response PASSED [ 72%] tests/test_50_server.py::TestServer1NonAsciiAva::test_authn_response_0 PASSED [ 72%] tests/test_50_server.py::TestServer1NonAsciiAva::test_signed_response FAILED [ 72%] tests/test_50_server.py::TestServer1NonAsciiAva::test_signed_response_1 FAILED [ 72%] tests/test_50_server.py::TestServer1NonAsciiAva::test_signed_response_2 FAILED [ 72%] tests/test_50_server.py::TestServer1NonAsciiAva::test_signed_response_3 FAILED [ 72%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_signed_response_1 FAILED [ 73%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_signed_response_2 FAILED [ 73%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_signed_response_3 FAILED [ 73%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_signed_response_4 FAILED [ 73%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_1 PASSED [ 73%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_2 PASSED [ 73%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_3 PASSED [ 73%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_4 PASSED [ 74%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_5 PASSED [ 74%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_6 PASSED [ 74%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_7 PASSED [ 74%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_8 PASSED [ 74%] tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_9 PASSED [ 74%] tests/test_50_server.py::TestServer1NonAsciiAva::test_slo_http_post PASSED [ 74%] tests/test_50_server.py::TestServer1NonAsciiAva::test_slo_soap PASSED [ 74%] tests/test_50_server.py::TestServer1NonAsciiAva::test_slo_soap_signed PASSED [ 75%] tests/test_50_server.py::TestServer2::test_do_attribute_reponse PASSED [ 75%] tests/test_50_server.py::TestServerLogout::test_1 PASSED [ 75%] tests/test_50_server.py::TestServerLogout::test_2 PASSED [ 75%] tests/test_51_client.py::TestClient::test_create_attribute_query1 PASSED [ 75%] tests/test_51_client.py::TestClient::test_create_attribute_query2 PASSED [ 75%] tests/test_51_client.py::TestClient::test_create_attribute_query_3 PASSED [ 75%] tests/test_51_client.py::TestClient::test_create_auth_request_0 PASSED [ 75%] tests/test_51_client.py::TestClient::test_create_auth_request_requested_attributes PASSED [ 76%] tests/test_51_client.py::TestClient::test_create_auth_request_unset_force_authn_by_default PASSED [ 76%] tests/test_51_client.py::TestClient::test_create_auth_request_set_force_authn_not_true_or_1 PASSED [ 76%] tests/test_51_client.py::TestClient::test_create_auth_request_set_force_authn_true PASSED [ 76%] tests/test_51_client.py::TestClient::test_create_auth_request_set_force_authn_1 PASSED [ 76%] tests/test_51_client.py::TestClient::test_create_auth_request_nameid_policy_allow_create PASSED [ 76%] tests/test_51_client.py::TestClient::test_create_auth_request_vo PASSED [ 76%] tests/test_51_client.py::TestClient::test_sign_auth_request_0 FAILED [ 76%] tests/test_51_client.py::TestClient::test_logout_response FAILED [ 77%] tests/test_51_client.py::TestClient::test_create_logout_request PASSED [ 77%] tests/test_51_client.py::TestClient::test_response_1 FAILED [ 77%] tests/test_51_client.py::TestClient::test_response_2 FAILED [ 77%] tests/test_51_client.py::TestClient::test_response_3 FAILED [ 77%] tests/test_51_client.py::TestClient::test_response_4 FAILED [ 77%] tests/test_51_client.py::TestClient::test_response_5 FAILED [ 77%] tests/test_51_client.py::TestClient::test_response_6 FAILED [ 77%] tests/test_51_client.py::TestClient::test_response_7 FAILED [ 78%] tests/test_51_client.py::TestClient::test_response_8 FAILED [ 78%] tests/test_51_client.py::TestClient::test_response_no_name_id PASSED [ 78%] tests/test_51_client.py::TestClient::test_init_values PASSED [ 78%] tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion FAILED [ 78%] tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion2 FAILED [ 78%] tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion_advice_1 FAILED [ 78%] tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion_advice_2 FAILED [ 78%] tests/test_51_client.py::TestClient::test_signed_with_default_algo_redirect FAILED [ 79%] tests/test_51_client.py::TestClient::test_signed_redirect PASSED [ 79%] tests/test_51_client.py::TestClient::test_signed_redirect_passes_if_needs_signed_requests PASSED [ 79%] tests/test_51_client.py::TestClient::test_signed_redirect_fail_if_needs_signed_request_but_received_unsigned PASSED [ 79%] tests/test_51_client.py::TestClient::test_signed_redirect_fail_if_needs_signed_request_but_sigalg_not_matches PASSED [ 79%] tests/test_51_client.py::TestClient::test_do_logout_signed_redirect FAILED [ 79%] tests/test_51_client.py::TestClient::test_do_logout_signed_redirect_invalid FAILED [ 79%] tests/test_51_client.py::TestClient::test_do_logout_post FAILED [ 80%] tests/test_51_client.py::TestClient::test_do_logout_redirect_no_cache PASSED [ 80%] tests/test_51_client.py::TestClient::test_do_logout_session_expired FAILED [ 80%] tests/test_51_client.py::TestClient::test_signature_wants FAILED [ 80%] tests/test_51_client.py::TestClientNonAsciiAva::test_create_attribute_query1 PASSED [ 80%] tests/test_51_client.py::TestClientNonAsciiAva::test_create_attribute_query2 PASSED [ 80%] tests/test_51_client.py::TestClientNonAsciiAva::test_create_attribute_query_3 PASSED [ 80%] tests/test_51_client.py::TestClientNonAsciiAva::test_create_auth_request_0 PASSED [ 80%] tests/test_51_client.py::TestClientNonAsciiAva::test_create_auth_request_unset_force_authn PASSED [ 81%] tests/test_51_client.py::TestClientNonAsciiAva::test_create_auth_request_set_force_authn PASSED [ 81%] tests/test_51_client.py::TestClientNonAsciiAva::test_create_auth_request_nameid_policy_allow_create PASSED [ 81%] tests/test_51_client.py::TestClientNonAsciiAva::test_create_auth_request_vo PASSED [ 81%] tests/test_51_client.py::TestClientNonAsciiAva::test_sign_auth_request_0 FAILED [ 81%] tests/test_51_client.py::TestClientNonAsciiAva::test_create_logout_request PASSED [ 81%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_1 FAILED [ 81%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_2 FAILED [ 81%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_3 FAILED [ 82%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_4 FAILED [ 82%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_5 FAILED [ 82%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_6 FAILED [ 82%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_7 FAILED [ 82%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_8 FAILED [ 82%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_no_name_id PASSED [ 82%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_error_status PASSED [ 82%] tests/test_51_client.py::TestClientNonAsciiAva::test_response_error_status_non_standard_status_code PASSED [ 83%] tests/test_51_client.py::TestClientNonAsciiAva::test_init_values PASSED [ 83%] tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion FAILED [ 83%] tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion2 FAILED [ 83%] tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion_advice_1 FAILED [ 83%] tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion_advice_2 FAILED [ 83%] tests/test_51_client.py::TestClientNonAsciiAva::test_signed_redirect PASSED [ 83%] tests/test_51_client.py::TestClientNonAsciiAva::test_do_logout_signed_redirect FAILED [ 83%] tests/test_51_client.py::TestClientNonAsciiAva::test_do_logout_post FAILED [ 84%] tests/test_51_client.py::TestClientNonAsciiAva::test_do_logout_session_expired FAILED [ 84%] tests/test_51_client.py::TestClientWithDummy::test_do_authn PASSED [ 84%] tests/test_51_client.py::TestClientWithDummy::test_do_negotiated_authn PASSED [ 84%] tests/test_51_client.py::TestClientWithDummy::test_do_attribute_query PASSED [ 84%] tests/test_51_client.py::TestClientWithDummy::test_logout_1 PASSED [ 84%] tests/test_51_client.py::TestClientWithDummy::test_post_sso PASSED [ 84%] tests/test_51_client.py::TestClientWithDummy::test_negotiated_post_sso PASSED [ 84%] tests/test_51_client.py::TestClientNoConfigContext::test_logout_1 PASSED [ 85%] tests/test_51_client.py::test_parse_soap_enveloped_saml_xxe PASSED [ 85%] tests/test_52_default_sign_alg.py::TestSignedResponse::test_signed_response FAILED [ 85%] tests/test_52_default_sign_alg.py::TestSignedResponse::test_signed_response_1 FAILED [ 85%] tests/test_52_default_sign_alg.py::TestSignedResponse::test_signed_response_2 PASSED [ 85%] tests/test_60_sp.py::TestSP::test_setup SKIPPED (s2repoze dependencies not installed) [ 85%] tests/test_60_sp.py::TestSP::test_identify SKIPPED (s2repoze dependencies not installed) [ 85%] tests/test_62_vo.py::TestVirtualOrg::test_mta PASSED [ 85%] tests/test_62_vo.py::TestVirtualOrg::test_unknown_subject PASSED [ 86%] tests/test_62_vo.py::TestVirtualOrg::test_id PASSED [ 86%] tests/test_62_vo.py::TestVirtualOrg::test_id_unknown PASSED [ 86%] tests/test_62_vo.py::TestVirtualOrg_2::test_mta PASSED [ 86%] tests/test_62_vo.py::TestVirtualOrg_2::test_unknown_subject PASSED [ 86%] tests/test_62_vo.py::TestVirtualOrg_2::test_id PASSED [ 86%] tests/test_62_vo.py::TestVirtualOrg_2::test_id_unknown PASSED [ 86%] tests/test_63_ecp.py::test_complete_flow PASSED [ 87%] tests/test_64_artifact.py::test_create_artifact PASSED [ 87%] tests/test_64_artifact.py::test_create_artifact_resolve PASSED [ 87%] tests/test_64_artifact.py::test_artifact_flow PASSED [ 87%] tests/test_65_authn_query.py::test_basic PASSED [ 87%] tests/test_65_authn_query.py::test_flow PASSED [ 87%] tests/test_66_name_id_mapping.py::test_base_request PASSED [ 87%] tests/test_66_name_id_mapping.py::test_request_response PASSED [ 87%] tests/test_67_manage_name_id.py::test_basic PASSED [ 88%] tests/test_67_manage_name_id.py::test_flow PASSED [ 88%] tests/test_68_assertion_id.py::test_basic_flow PASSED [ 88%] tests/test_69_discovery.py::test_verify PASSED [ 88%] tests/test_69_discovery.py::test_construct_0 PASSED [ 88%] tests/test_69_discovery.py::test_construct_1 PASSED [ 88%] tests/test_69_discovery.py::test_construct_deconstruct_request PASSED [ 88%] tests/test_69_discovery.py::test_construct_deconstruct_response PASSED [ 88%] tests/test_70_redirect_signing.py::test FAILED [ 89%] tests/test_71_authn_request.py::test_authn_request_with_acs_by_index PASSED [ 89%] tests/test_72_eptid.py::test_eptid PASSED [ 89%] tests/test_72_eptid.py::test_eptid_shelve PASSED [ 89%] tests/test_75_mongodb.py::test_flow PASSED [ 89%] tests/test_75_mongodb.py::test_eptid_mongo_db PASSED [ 89%] tests/test_76_metadata_in_mdb.py::test_metadata PASSED [ 89%] tests/test_77_authn_context.py::test_passwd PASSED [ 89%] tests/test_77_authn_context.py::test_factory PASSED [ 90%] tests/test_77_authn_context.py::test_authn_decl_in_authn_context PASSED [ 90%] tests/test_77_authn_context.py::test_authn_1 PASSED [ 90%] tests/test_77_authn_context.py::test_authn_2 PASSED [ 90%] tests/test_77_authn_context.py::test_authn_3 PASSED [ 90%] tests/test_81_certificates.py::TestGenerateCertificates::test_validate_cert_chains PASSED [ 90%] tests/test_81_certificates.py::TestGenerateCertificates::test_validate_expire PASSED [ 90%] tests/test_81_certificates.py::TestGenerateCertificates::test_validate_passphrase PASSED [ 90%] tests/test_81_certificates.py::TestGenerateCertificates::test_validate_with_root_cert PASSED [ 91%] tests/test_83_md_extensions.py::TestMDExt::test_sp_type_true PASSED [ 91%] tests/test_83_md_extensions.py::TestMDExt::test_sp_type_false PASSED [ 91%] tests/test_83_md_extensions.py::TestMDExt::test_entity_attributes PASSED [ 91%] tests/test_88_nsprefix.py::test_nsprefix PASSED [ 91%] tests/test_88_nsprefix.py::test_nsprefix2 PASSED [ 91%] tests/test_89_http_post_relay_state.py::test_relay_state PASSED [ 91%] tests/test_92_aes.py::TestAES::test_aes_defaults PASSED [ 91%] tests/test_92_aes.py::TestAES::test_aes_128_cbc PASSED [ 92%] tests/test_92_aes.py::TestAES::test_aes_128_cfb PASSED [ 92%] tests/test_92_aes.py::TestAES::test_aes_192_cbc PASSED [ 92%] tests/test_92_aes.py::TestAES::test_aes_192_cfb PASSED [ 92%] tests/test_92_aes.py::TestAES::test_aes_256_cbc PASSED [ 92%] tests/test_92_aes.py::TestAES::test_aes_256_cfb PASSED [ 92%] tests/test_93_hok.py::TestHolderOfKeyResponse::test_valid_hok_response_is_parsed PASSED [ 92%] tests/test_93_hok.py::TestHolderOfKeyResponse::test_invalid_hok_response_fails_verification PASSED [ 92%] tests/test_94_read_cert.py::test_read_single_cert PASSED [ 93%] tests/test_94_read_cert.py::test_read_cert_chain PASSED [ 93%] tests/test_94_read_cert.py::test_read_cert_chain_with_linebreaks PASSED [ 93%] tests/test_schema_validator.py::test_invalid_saml_metadata_doc[invalid_metadata_file.xml] PASSED [ 93%] tests/test_schema_validator.py::test_invalid_saml_metadata_doc[empty_metadata_file.xml] PASSED [ 93%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[InCommon-metadata.xml] PASSED [ 93%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp.xml] PASSED [ 93%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_2.xml] PASSED [ 94%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_aa.xml] PASSED [ 94%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_all.xml] PASSED [ 94%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_example.xml] PASSED [ 94%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_soap.xml] PASSED [ 94%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_cat_re.xml] PASSED [ 94%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_cat_re_nren.xml] PASSED [ 94%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_cat_rs.xml] PASSED [ 94%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_cat_sfs_hei.xml] PASSED [ 95%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_esi_and_coco_sp.xml] PASSED [ 95%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_no_friendly_name_sp.xml] PASSED [ 95%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[extended.xml] PASSED [ 95%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_slo_redirect.xml] PASSED [ 95%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_uiinfo.xml] PASSED [ 95%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata.aaitest.xml] PASSED [ 95%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata.xml] PASSED [ 95%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata_cert.xml] PASSED [ 96%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata_example.xml] PASSED [ 96%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata_sp_1.xml] PASSED [ 96%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata_sp_1_no_encryption.xml] PASSED [ 96%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata_sp_2.xml] PASSED [ 96%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[metasp.xml] PASSED [ 96%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[pdp_meta.xml] PASSED [ 96%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[servera.xml] PASSED [ 96%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[sp.xml] PASSED [ 97%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[sp_slo_redirect.xml] PASSED [ 97%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[urn-mace-swami.se-swamid-test-1.0-metadata.xml] PASSED [ 97%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[uu.xml] PASSED [ 97%] tests/test_schema_validator.py::test_valid_saml_metadata_doc[vo_metadata.xml] PASSED [ 97%] tests/test_schema_validator.py::test_valid_saml_response_doc[attribute_response.xml] PASSED [ 97%] tests/test_schema_validator.py::test_valid_saml_response_doc[okta_response.xml] PASSED [ 97%] tests/test_schema_validator.py::test_valid_saml_response_doc[simplesamlphp_authnresponse.xml] PASSED [ 97%] tests/test_schema_validator.py::test_valid_saml_response_doc[saml2_response.xml] PASSED [ 98%] tests/test_schema_validator.py::test_valid_saml_response_doc[saml_false_signed.xml] PASSED [ 98%] tests/test_schema_validator.py::test_valid_saml_response_doc[saml_hok.xml] PASSED [ 98%] tests/test_schema_validator.py::test_valid_saml_response_doc[saml_hok_invalid.xml] PASSED [ 98%] tests/test_schema_validator.py::test_valid_saml_response_doc[saml_signed.xml] PASSED [ 98%] tests/test_schema_validator.py::test_valid_saml_response_doc[saml_unsigned.xml] PASSED [ 98%] tests/test_schema_validator.py::test_valid_saml_partial_doc[encrypted_attribute_statement.xml] PASSED [ 98%] tests/test_schema_validator.py::test_valid_eidas_saml_response_doc[eidas_response.xml] PASSED [ 98%] tests/test_xmlsec1_key_data.py::TestAuthnResponse::test_signed_response_with_hmac_should_fail PASSED [ 99%] tests/test_xmlsec1_key_data.py::TestAuthnResponse::test_signed_assertion_with_hmac_should_fail PASSED [ 99%] tests/test_xmlsec1_key_data.py::TestAuthnResponse::test_signed_assertion_with_random_embedded_cert_should_be_ignored FAILED [ 99%] tests/test_xsw.py::TestXSW::test_signed_xsw_assertion_wrapper_should_fail PASSED [ 99%] tests/test_xsw.py::TestXSW::test_signed_xsw_assertion_extensions_should_fail PASSED [ 99%] tests/test_xsw.py::TestXSW::test_signed_xsw_assertion_assertion_should_fail PASSED [ 99%] tests/test_xsw.py::TestInvalidDepthFirstSig::test_signed_assertion_first_sig_should_fail PASSED [ 99%] tests/test_xsw.py::TestInvalidDepthFirstSig::test_signed_response_first_sig_should_fail PASSED [100%] ==================================== ERRORS ==================================== ____________________ ERROR at setup of TestResponse.test_1 _____________________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4831cc2983d968b742d7b2ad62b30c7f18c4df73ed0d63abc3de445a2b5a70b1urn:mace:example.com:saml:roland:spstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-hJuPStQGneGHIgoXq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpw_dwoozn.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpw_dwoozn.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server("idp_conf")) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, in_response_to="id12", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=name_id, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, in_response_to="id12", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=name_id, sign_assertion=True, ) tests/test_41_response.py:53: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4831cc2983d968b742d7b2ad62b30c7f18c4df73ed0d63abc3de445a2b5a70b1urn:mace:example.com:saml:roland:spstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-hJuPStQGneGHIgoXq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-hJuPStQGneGHIgoXq', '--output', '/tmp/tmp872j661j.xml', '/tmp/tmpw_dwoozn.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log setup ------------------------------ ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpw_dwoozn.xml" output= ____________________ ERROR at setup of TestResponse.test_2 _____________________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4831cc2983d968b742d7b2ad62b30c7f18c4df73ed0d63abc3de445a2b5a70b1urn:mace:example.com:saml:roland:spstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-hJuPStQGneGHIgoXq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpw_dwoozn.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpw_dwoozn.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server("idp_conf")) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, in_response_to="id12", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=name_id, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, in_response_to="id12", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=name_id, sign_assertion=True, ) tests/test_41_response.py:53: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4831cc2983d968b742d7b2ad62b30c7f18c4df73ed0d63abc3de445a2b5a70b1urn:mace:example.com:saml:roland:spstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-hJuPStQGneGHIgoXq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-hJuPStQGneGHIgoXq', '--output', '/tmp/tmp872j661j.xml', '/tmp/tmpw_dwoozn.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError _______________ ERROR at setup of TestResponse.test_issuer_none ________________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4831cc2983d968b742d7b2ad62b30c7f18c4df73ed0d63abc3de445a2b5a70b1urn:mace:example.com:saml:roland:spstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-hJuPStQGneGHIgoXq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpw_dwoozn.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpw_dwoozn.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server("idp_conf")) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, in_response_to="id12", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=name_id, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, in_response_to="id12", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=name_id, sign_assertion=True, ) tests/test_41_response.py:53: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4831cc2983d968b742d7b2ad62b30c7f18c4df73ed0d63abc3de445a2b5a70b1urn:mace:example.com:saml:roland:spstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-hJuPStQGneGHIgoXq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-hJuPStQGneGHIgoXq', '--output', '/tmp/tmp872j661j.xml', '/tmp/tmpw_dwoozn.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ________________ ERROR at setup of TestResponse.test_false_sign ________________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4831cc2983d968b742d7b2ad62b30c7f18c4df73ed0d63abc3de445a2b5a70b1urn:mace:example.com:saml:roland:spstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-hJuPStQGneGHIgoXq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpw_dwoozn.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpw_dwoozn.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server("idp_conf")) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, in_response_to="id12", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=name_id, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, in_response_to="id12", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=name_id, sign_assertion=True, ) tests/test_41_response.py:53: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4831cc2983d968b742d7b2ad62b30c7f18c4df73ed0d63abc3de445a2b5a70b1urn:mace:example.com:saml:roland:spstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-hJuPStQGneGHIgoXq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-hJuPStQGneGHIgoXq', '--output', '/tmp/tmp872j661j.xml', '/tmp/tmpw_dwoozn.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ______________ ERROR at setup of TestResponse.test_other_response ______________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4831cc2983d968b742d7b2ad62b30c7f18c4df73ed0d63abc3de445a2b5a70b1urn:mace:example.com:saml:roland:spstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-hJuPStQGneGHIgoXq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpw_dwoozn.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpw_dwoozn.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server("idp_conf")) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, in_response_to="id12", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=name_id, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, in_response_to="id12", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=name_id, sign_assertion=True, ) tests/test_41_response.py:53: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4831cc2983d968b742d7b2ad62b30c7f18c4df73ed0d63abc3de445a2b5a70b1urn:mace:example.com:saml:roland:spstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-hJuPStQGneGHIgoXq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-hJuPStQGneGHIgoXq', '--output', '/tmp/tmp872j661j.xml', '/tmp/tmpw_dwoozn.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ______________ ERROR at setup of TestAuthnResponse.test_verify_1 _______________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpmrx3tflz.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpmrx3tflz.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server(dotname("idp_conf"))) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, authn=AUTHN, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, sign_assertion=True, authn=AUTHN, ) tests/test_44_authnresp.py:48: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log setup ------------------------------ ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpmrx3tflz.xml" output= ___________ ERROR at setup of TestAuthnResponse.test_verify_signed_1 ___________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpmrx3tflz.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpmrx3tflz.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server(dotname("idp_conf"))) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, authn=AUTHN, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, sign_assertion=True, authn=AUTHN, ) tests/test_44_authnresp.py:48: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError _______________ ERROR at setup of TestAuthnResponse.test_parse_2 _______________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpmrx3tflz.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpmrx3tflz.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server(dotname("idp_conf"))) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, authn=AUTHN, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, sign_assertion=True, authn=AUTHN, ) tests/test_44_authnresp.py:48: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ___________ ERROR at setup of TestAuthnResponse.test_verify_w_authn ____________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpmrx3tflz.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpmrx3tflz.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server(dotname("idp_conf"))) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, authn=AUTHN, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, sign_assertion=True, authn=AUTHN, ) tests/test_44_authnresp.py:48: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError _________ ERROR at setup of TestAuthnResponse.test_unpack_nested_eptid _________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpmrx3tflz.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpmrx3tflz.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server(dotname("idp_conf"))) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, authn=AUTHN, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, sign_assertion=True, authn=AUTHN, ) tests/test_44_authnresp.py:48: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ____ ERROR at setup of TestAuthnResponse.test_multiple_attribute_statement _____ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpmrx3tflz.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpmrx3tflz.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def setup_class(self): with closing(Server(dotname("idp_conf"))) as server: name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, authn=AUTHN, ) > self._sign_resp_ = server.create_authn_response( IDENTITY, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, sign_assertion=True, authn=AUTHN, ) tests/test_44_authnresp.py:48: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=5600e55fdb42001d0bff421c70b94a12b4dd36303fa01f0ba48d84eb9a123876urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginstaffmemberJeterDerekfoo@gmail.comshortstop' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PyOyMYvUbM5R58qna' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError =================================== FAILURES =================================== ________________ test_signed_metadata_proper_str_bytes_handling ________________ self = statement = 'MIIDgTCCAmmgAwIBAgIJAJRJzvdpkmNaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMRUwEwYDVQQKDAxJbkNvbW1vbiBMTEMxMTAvBgNVBAMMKEluQ29tbW9uIEZlZGVyYXRpb24gTWV0YWRhdGEgU2lnbmluZyBLZXkwHhcNMTMxMjE2MTkzNDU1WhcNMzcxMjE4MTkzNDU1WjBXMQswCQYDVQQGEwJVUzEVMBMGA1UECgwMSW5Db21tb24gTExDMTEwLwYDVQQDDChJbkNvbW1vbiBGZWRlcmF0aW9uIE1ldGFkYXRhIFNpZ25pbmcgS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Chdkrn+dG5Zj5L3UIw+xeWgNzm8ajw7/FyqRQ1SjD4Lfg2WCdlfjOrYGNnVZMCTfItoXTSpg4rXxHQsykeNiYRu2+02uMS+1pnBqWjzdPJE0od+q8EbdvE6ShimjyNn0yQfGyQKCNdYuc+75MIHsaIOAEtDZUST9Sd4oeU1zRjV2sGvUd+JFHveUAhRc0b+JEZfIEuq/LIU9qxm/+gFaawlmojZPyOWZ1JlswbrrJYYyn10qgnJvjh9gZWXKjmPxqvHKJcATPhAh2gWGabWTXBJCckMe1hrHCl/vbDLCmz0/oYuoaSDzP6zE9YSA/xCplaHA0moC1Vs2H5MOQGlewIDAQABo1AwTjAdBgNVHQ4EFgQU5ij9YLU5zQ6K75kPgVpyQ2N/lPswHwYDVR0jBBgwFoAU5ij9YLU5zQ6K75kPgVpyQ2N/lPswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAaQkEx9xvaLUt0PNLvHMtxXQPedCPw5xQBd2VWOsWPYspRAOSNbU1VloY+xUkUKorYTogKUY1q+uh2gDIEazW0uZZaQvWPp8xdxWqDh96n5US06lszEc+Lj3dqdxWkXRRqEbjhBFh/utXaeyeSOtaX65GwD5svDHnJBclAGkzeRIXqxmYG+I2zMm/JYGzEnbwToyC7yF6Q8cQxOr37hEpqz+WN/x3qM2qyBLECQFjmlJrvRLkSL15PCZiu+xFNFd/zx6btDun5DBlfDS9DG+SHCNH6Nq+NfP+ZQ8CGzP/3TaZPzMlKPDCjp0XOQfyQqFIXdwjPFTWjEusDBlm4qJAlQ==MIIDgTCCAmmgAwIBAgIJAJRJzvdpkmNaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMRUwEwYDVQQKDAxJbkNvbW1vbiBMTEMxMTAvBgNVBAMMKEluQ29tbW9uIEZlZGVyYXRpb24gTWV0YWRhdGEgU2lnbmluZyBLZXkwHhcNMTMxMjE2MTkzNDU1WhcNMzcxMjE4MTkzNDU1WjBXMQswCQYDVQQGEwJVUzEVMBMGA1UECgwMSW5Db21tb24gTExDMTEwLwYDVQQDDChJbkNvbW1vbiBGZWRlcmF0aW9uIE1ldGFkYXRhIFNpZ25pbmcgS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Chdkrn+dG5Zj5L3UIw+xeWgNzm8ajw7/FyqRQ1SjD4Lfg2WCdlfjOrYGNnVZMCTfItoXTSpg4rXxHQsykeNiYRu2+02uMS+1pnBqWjzdPJE0od+q8EbdvE6ShimjyNn0yQfGyQKCNdYuc+75MIHsaIOAEtDZUST9Sd4oeU1zRjV2sGvUd+JFHveUAhRc0b+JEZfIEuq/LIU9qxm/+gFaawlmojZPyOWZ1JlswbrrJYYyn10qgnJvjh9gZWXKjmPxqvHKJcATPhAh2gWGabWTXBJCckMe1hrHCl/vbDLCmz0/oYuoaSDzP6zE9YSA/xCplaHA0moC1Vs2H5MOQGlewIDAQABo1AwTjAdBgNVHQ4EFgQU5ij9YLU5zQ6K75kPgVpyQ2N/lPswHwYDVR0jBBgwFoAU5ij9YLU5zQ6K75kPgVpyQ2N/lPswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAaQkEx9xvaLUt0PNLvHMtxXQPedCPw5xQBd2VWOsWPYspRAOSNbU1VloY+xUkUKorYTogKUY1q+uh2gDIEazW0uZZaQvWPp8xdxWqDh96n5US06lszEc+Lj3dqdxWkXRRqEbjhBFh/utXaeyeSOtaX65GwD5svDHnJBclAGkzeRIXqxmYG+I2zMm/JYGzEnbwToyC7yF6Q8cQxOr37hEpqz+WN/x3qM2qyBLECQFjmlJrvRLkSL15PCZiu+xFNFd/zx6btDun5DBlfDS9DG+SHCNH6Nq+NfP+ZQ8CGzP/3TaZPzMlKPDCjp0XOQfyQqFIXdwjPFTWjEusDBlm4qJAlQ==Rolands SP' node_name = 'urn:oasis:names:tc:SAML:2.0:metadata:EntityDescriptor' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = None def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:metadata:EntityDescriptor', ...] extra_args = ['/tmp/tmplqjrl2m6.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=US/O=InCommon LLC/CN=InCommon Federation Metadata Signing Key; issuer=/C=US/O=InCommon LLC/CN=InCommon Federation Metadata Signing Key; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=US/O=InCommon LLC/CN=InCommon Federation Metadata Signing Key; issuer=/C=US/O=InCommon LLC/CN=InCommon Federation Metadata Signing Key; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmplqjrl2m6.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: def test_signed_metadata_proper_str_bytes_handling(): sp_conf_2 = sp_conf.copy() sp_conf_2["key_file"] = full_path("test.key") sp_conf_2["cert_file"] = full_path("inc-md-cert.pem") # requires xmlsec binaries per https://pysaml2.readthedocs.io/en/latest/examples/sp.html sp_conf_2["xmlsec_binary"] = sigver.get_xmlsec_binary(["/opt/local/bin"]) cnf = SPConfig().load(sp_conf_2) # This will raise TypeError if string/bytes handling is not correct > sp_metadata = create_metadata_string("", config=cnf, sign=True) tests/test_39_metadata.py:66: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/metadata.py:118: in create_metadata_string eid, xmldoc = sign_entity_descriptor(eid, mid, secc, sign_alg, digest_alg) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/metadata.py:851: in sign_entity_descriptor xmldoc = secc.sign_statement(f"{edesc}", class_name(edesc)) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'MIIDgTCCAmmgAwIBAgIJAJRJzvdpkmNaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMRUwEwYDVQQKDAxJbkNvbW1vbiBMTEMxMTAvBgNVBAMMKEluQ29tbW9uIEZlZGVyYXRpb24gTWV0YWRhdGEgU2lnbmluZyBLZXkwHhcNMTMxMjE2MTkzNDU1WhcNMzcxMjE4MTkzNDU1WjBXMQswCQYDVQQGEwJVUzEVMBMGA1UECgwMSW5Db21tb24gTExDMTEwLwYDVQQDDChJbkNvbW1vbiBGZWRlcmF0aW9uIE1ldGFkYXRhIFNpZ25pbmcgS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Chdkrn+dG5Zj5L3UIw+xeWgNzm8ajw7/FyqRQ1SjD4Lfg2WCdlfjOrYGNnVZMCTfItoXTSpg4rXxHQsykeNiYRu2+02uMS+1pnBqWjzdPJE0od+q8EbdvE6ShimjyNn0yQfGyQKCNdYuc+75MIHsaIOAEtDZUST9Sd4oeU1zRjV2sGvUd+JFHveUAhRc0b+JEZfIEuq/LIU9qxm/+gFaawlmojZPyOWZ1JlswbrrJYYyn10qgnJvjh9gZWXKjmPxqvHKJcATPhAh2gWGabWTXBJCckMe1hrHCl/vbDLCmz0/oYuoaSDzP6zE9YSA/xCplaHA0moC1Vs2H5MOQGlewIDAQABo1AwTjAdBgNVHQ4EFgQU5ij9YLU5zQ6K75kPgVpyQ2N/lPswHwYDVR0jBBgwFoAU5ij9YLU5zQ6K75kPgVpyQ2N/lPswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAaQkEx9xvaLUt0PNLvHMtxXQPedCPw5xQBd2VWOsWPYspRAOSNbU1VloY+xUkUKorYTogKUY1q+uh2gDIEazW0uZZaQvWPp8xdxWqDh96n5US06lszEc+Lj3dqdxWkXRRqEbjhBFh/utXaeyeSOtaX65GwD5svDHnJBclAGkzeRIXqxmYG+I2zMm/JYGzEnbwToyC7yF6Q8cQxOr37hEpqz+WN/x3qM2qyBLECQFjmlJrvRLkSL15PCZiu+xFNFd/zx6btDun5DBlfDS9DG+SHCNH6Nq+NfP+ZQ8CGzP/3TaZPzMlKPDCjp0XOQfyQqFIXdwjPFTWjEusDBlm4qJAlQ==MIIDgTCCAmmgAwIBAgIJAJRJzvdpkmNaMA0GCSqGSIb3DQEBCwUAMFcxCzAJBgNVBAYTAlVTMRUwEwYDVQQKDAxJbkNvbW1vbiBMTEMxMTAvBgNVBAMMKEluQ29tbW9uIEZlZGVyYXRpb24gTWV0YWRhdGEgU2lnbmluZyBLZXkwHhcNMTMxMjE2MTkzNDU1WhcNMzcxMjE4MTkzNDU1WjBXMQswCQYDVQQGEwJVUzEVMBMGA1UECgwMSW5Db21tb24gTExDMTEwLwYDVQQDDChJbkNvbW1vbiBGZWRlcmF0aW9uIE1ldGFkYXRhIFNpZ25pbmcgS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Chdkrn+dG5Zj5L3UIw+xeWgNzm8ajw7/FyqRQ1SjD4Lfg2WCdlfjOrYGNnVZMCTfItoXTSpg4rXxHQsykeNiYRu2+02uMS+1pnBqWjzdPJE0od+q8EbdvE6ShimjyNn0yQfGyQKCNdYuc+75MIHsaIOAEtDZUST9Sd4oeU1zRjV2sGvUd+JFHveUAhRc0b+JEZfIEuq/LIU9qxm/+gFaawlmojZPyOWZ1JlswbrrJYYyn10qgnJvjh9gZWXKjmPxqvHKJcATPhAh2gWGabWTXBJCckMe1hrHCl/vbDLCmz0/oYuoaSDzP6zE9YSA/xCplaHA0moC1Vs2H5MOQGlewIDAQABo1AwTjAdBgNVHQ4EFgQU5ij9YLU5zQ6K75kPgVpyQ2N/lPswHwYDVR0jBBgwFoAU5ij9YLU5zQ6K75kPgVpyQ2N/lPswDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAaQkEx9xvaLUt0PNLvHMtxXQPedCPw5xQBd2VWOsWPYspRAOSNbU1VloY+xUkUKorYTogKUY1q+uh2gDIEazW0uZZaQvWPp8xdxWqDh96n5US06lszEc+Lj3dqdxWkXRRqEbjhBFh/utXaeyeSOtaX65GwD5svDHnJBclAGkzeRIXqxmYG+I2zMm/JYGzEnbwToyC7yF6Q8cQxOr37hEpqz+WN/x3qM2qyBLECQFjmlJrvRLkSL15PCZiu+xFNFd/zx6btDun5DBlfDS9DG+SHCNH6Nq+NfP+ZQ8CGzP/3TaZPzMlKPDCjp0XOQfyQqFIXdwjPFTWjEusDBlm4qJAlQ==Rolands SP' node_name = 'urn:oasis:names:tc:SAML:2.0:metadata:EntityDescriptor' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = None def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:metadata:EntityDescriptor', '--output', '/tmp/tmppxxa5dli.xml', '/tmp/tmplqjrl2m6.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=US/O=InCommon LLC/CN=InCommon Federation Metadata Signing Key; issuer=/C=US/O=InCommon LLC/CN=InCommon Federation Metadata Signing Key; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=US/O=InCommon LLC/CN=InCommon Federation Metadata Signing Key; issuer=/C=US/O=InCommon LLC/CN=InCommon Federation Metadata Signing Key; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmplqjrl2m6.xml" output= _______________________ TestSecurity.test_sign_assertion _______________________ self = statement = 'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmposoci60c.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmposoci60c.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_assertion(self): ass = self._assertion print(ass) > sign_ass = self.sec.sign_assertion(f"{ass}", node_id=ass.id) tests/test_40_sigver.py:186: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1710: in sign_assertion return self.sign_statement(statement, class_name(saml.Assertion()), **kwargs) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpiyp7ncis.xml', '/tmp/tmposoci60c.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ----------------------------- Captured stdout call ----------------------------- the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmposoci60c.xml" output= _______________ TestSecurity.test_multiple_signatures_assertion ________________ self = statement = 'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmptuvvgefj.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmptuvvgefj.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_multiple_signatures_assertion(self): ass = self._assertion # basic test with two of the same to_sign = [(ass, ass.id), (ass, ass.id)] > sign_ass = self.sec.multiple_signatures(str(ass), to_sign) tests/test_40_sigver.py:205: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1751: in multiple_signatures statement = self.sign_statement( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpfr5z7zx8.xml', '/tmp/tmptuvvgefj.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmptuvvgefj.xml" output= ________________ TestSecurity.test_multiple_signatures_response ________________ self = statement = 'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpjrotcmhq.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpjrotcmhq.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_multiple_signatures_response(self): response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=self._assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22222", signature=sigver.pre_signature_part("id-22222", self.sec.my_cert), ) # order is important, we can't validate if the signatures are made # in the reverse order to_sign = [(self._assertion, self._assertion.id), (response, response.id)] > s_response = self.sec.multiple_signatures(str(response), to_sign) tests/test_40_sigver.py:233: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1751: in multiple_signatures statement = self.sign_statement( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpk6_abcmj.xml', '/tmp/tmpjrotcmhq.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpjrotcmhq.xml" output= _______________________ TestSecurity.test_sign_response ________________________ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp3_fomgrt.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp3_fomgrt.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_response(self): response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=self._assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22222", signature=sigver.pre_signature_part("id-22222", self.sec.my_cert), ) to_sign = [(class_name(self._assertion), self._assertion.id), (class_name(response), response.id)] > s_response = sigver.signed_instance_factory(response, self.sec, to_sign) tests/test_40_sigver.py:270: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpheqmgdaf.xml', '/tmp/tmp3_fomgrt.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp3_fomgrt.xml" output= ______________________ TestSecurity.test_sign_response_2 _______________________ self = statement = b'the-isser-2MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuer-2MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FoxBear' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11122' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmphxruip23.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmphxruip23.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_response_2(self): assertion2 = factory( saml.Assertion, version="2.0", id="id-11122", issuer=saml.Issuer(text="the-issuer-2"), issue_instant="2009-10-30T13:20:28Z", signature=sigver.pre_signature_part("id-11122", self.sec.my_cert), attribute_statement=do_attribute_statement( { ("name:surName", "nameformat", "surName"): ("Fox", ""), ("name:givenName", "nameformat", "givenName"): ("Bear", ""), } ), ) response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser-2"), status=success_status_factory(), assertion=assertion2, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22233", signature=sigver.pre_signature_part("id-22233", self.sec.my_cert), ) to_sign = [(class_name(assertion2), assertion2.id), (class_name(response), response.id)] > s_response = sigver.signed_instance_factory(response, self.sec, to_sign) tests/test_40_sigver.py:314: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-isser-2MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuer-2MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FoxBear' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11122' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11122', '--output', '/tmp/tmptj7vy8z4.xml', '/tmp/tmphxruip23.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmphxruip23.xml" output= ________________________ TestSecurity.test_sign_verify _________________________ self = statement = b'MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp9vew77m9.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp9vew77m9.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_verify(self): response = factory( samlp.Response, assertion=self._assertion, id="id-22233", signature=sigver.pre_signature_part("id-22233", self.sec.my_cert), ) to_sign = [(class_name(self._assertion), self._assertion.id), (class_name(response), response.id)] > s_response = sigver.signed_instance_factory(response, self.sec, to_sign) tests/test_40_sigver.py:341: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmplhdn5x1y.xml', '/tmp/tmp9vew77m9.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp9vew77m9.xml" output= ____________ TestSecurity.test_sign_verify_with_cert_from_instance _____________ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpmv4o2ztf.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpmv4o2ztf.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_verify_with_cert_from_instance(self): response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=self._assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22222", signature=sigver.pre_signature_part("id-22222", self.sec.my_cert), ) to_sign = [(class_name(self._assertion), self._assertion.id), (class_name(response), response.id)] > s_response = sigver.signed_instance_factory(response, self.sec, to_sign) tests/test_40_sigver.py:363: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpomjw_pha.xml', '/tmp/tmpmv4o2ztf.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpmv4o2ztf.xml" output= _______ TestSecurity.test_sign_verify_assertion_with_cert_from_instance ________ self = statement = b'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FoxBear' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11100' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpj1557288.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpj1557288.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_verify_assertion_with_cert_from_instance(self): assertion = factory( saml.Assertion, version="2.0", id="id-11100", issuer=saml.Issuer(text="the-issuer"), issue_instant="2009-10-30T13:20:28Z", signature=sigver.pre_signature_part("id-11100", self.sec.my_cert), attribute_statement=do_attribute_statement( { ("name:surName", "nameformat", "surName"): ("Fox", ""), ("name:givenName", "nameformat", "givenName"): ("Bear", ""), } ), ) to_sign = [(class_name(assertion), assertion.id)] > s_assertion = sigver.signed_instance_factory(assertion, self.sec, to_sign) tests/test_40_sigver.py:395: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FoxBear' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11100' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11100', '--output', '/tmp/tmp_nwjqffc.xml', '/tmp/tmpj1557288.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpj1557288.xml" output= _______ TestSecurity.test_exception_sign_verify_with_cert_from_instance ________ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuer-2FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-22222' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', ...] extra_args = ['/tmp/tmp5z7rbcs1.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp5z7rbcs1.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_exception_sign_verify_with_cert_from_instance(self): assertion = factory( saml.Assertion, version="2.0", id="id-11100", issuer=saml.Issuer(text="the-issuer-2"), issue_instant="2009-10-30T13:20:28Z", attribute_statement=do_attribute_statement( { ("name:surName", "nameformat", "surName"): ("Foo", ""), ("name:givenName", "nameformat", "givenName"): ("Bar", ""), } ), ) response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22222", signature=sigver.pre_signature_part("id-22222", self.sec.my_cert), ) to_sign = [(class_name(response), response.id)] > s_response = sigver.signed_instance_factory(response, self.sec, to_sign) tests/test_40_sigver.py:436: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuer-2FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-22222' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-22222', '--output', '/tmp/tmps4nshkr4.xml', '/tmp/tmp5z7rbcs1.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp5z7rbcs1.xml" output= _________________ TestSecurityNonAsciiAva.test_sign_assertion __________________ self = statement = 'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FööBär' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpr5jqk7qm.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpr5jqk7qm.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_assertion(self): ass = self._assertion print(ass) > sign_ass = self.sec.sign_assertion(f"{ass}", node_id=ass.id) tests/test_40_sigver.py:491: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1710: in sign_assertion return self.sign_statement(statement, class_name(saml.Assertion()), **kwargs) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FööBär' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpk2dg0zw_.xml', '/tmp/tmpr5jqk7qm.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ----------------------------- Captured stdout call ----------------------------- the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FööBär ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpr5jqk7qm.xml" output= __________ TestSecurityNonAsciiAva.test_multiple_signatures_assertion __________ self = statement = 'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FööBär' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpa1kekj1k.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpa1kekj1k.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_multiple_signatures_assertion(self): ass = self._assertion # basic test with two of the same to_sign = [(ass, ass.id), (ass, ass.id)] > sign_ass = self.sec.multiple_signatures(str(ass), to_sign) tests/test_40_sigver.py:511: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1751: in multiple_signatures statement = self.sign_statement( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FööBär' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmp72q_3_0k.xml', '/tmp/tmpa1kekj1k.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpa1kekj1k.xml" output= __________ TestSecurityNonAsciiAva.test_multiple_signatures_response ___________ self = statement = 'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FööBär' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpc7jlsvpd.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpc7jlsvpd.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_multiple_signatures_response(self): response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=self._assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22222", signature=sigver.pre_signature_part("id-22222", self.sec.my_cert), ) # order is important, we can't validate if the signatures are made # in the reverse order to_sign = [(self._assertion, self._assertion.id), (response, response.id)] > s_response = self.sec.multiple_signatures(str(response), to_sign) tests/test_40_sigver.py:539: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1751: in multiple_signatures statement = self.sign_statement( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FööBär' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmp21zy2zgx.xml', '/tmp/tmpc7jlsvpd.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpc7jlsvpd.xml" output= __________________ TestSecurityNonAsciiAva.test_sign_response __________________ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=F\xc3\xb6\xc3\xb6B\xc3\xa4r' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp98fikr0l.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp98fikr0l.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_response(self): response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=self._assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22222", signature=sigver.pre_signature_part("id-22222", self.sec.my_cert), ) to_sign = [(class_name(self._assertion), self._assertion.id), (class_name(response), response.id)] > s_response = sigver.signed_instance_factory(response, self.sec, to_sign) tests/test_40_sigver.py:576: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=F\xc3\xb6\xc3\xb6B\xc3\xa4r' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpsc6c2stl.xml', '/tmp/tmp98fikr0l.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp98fikr0l.xml" output= _________________ TestSecurityNonAsciiAva.test_sign_response_2 _________________ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuer-2MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=R\xc3\xa4vBj\xc3\xb6rn' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11122' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp5y45dmcq.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp5y45dmcq.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_response_2(self): assertion2 = factory( saml.Assertion, version="2.0", id="id-11122", issuer=saml.Issuer(text="the-issuer-2"), issue_instant="2009-10-30T13:20:28Z", signature=sigver.pre_signature_part("id-11122", self.sec.my_cert), attribute_statement=do_attribute_statement( { ("name:surName", "nameformat", "surName"): ("Räv", ""), ("name:givenName", "nameformat", "givenName"): ("Björn", ""), } ), ) response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=assertion2, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22233", signature=sigver.pre_signature_part("id-22233", self.sec.my_cert), ) to_sign = [(class_name(assertion2), assertion2.id), (class_name(response), response.id)] > s_response = sigver.signed_instance_factory(response, self.sec, to_sign) tests/test_40_sigver.py:620: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuer-2MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=R\xc3\xa4vBj\xc3\xb6rn' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11122' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11122', '--output', '/tmp/tmp3o5yqk29.xml', '/tmp/tmp5y45dmcq.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp5y45dmcq.xml" output= ___________________ TestSecurityNonAsciiAva.test_sign_verify ___________________ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=F\xc3\xb6\xc3\xb6B\xc3\xa4r' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpgg328ijq.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpgg328ijq.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_verify(self): response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=self._assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22233", signature=sigver.pre_signature_part("id-22233", self.sec.my_cert), ) to_sign = [(class_name(self._assertion), self._assertion.id), (class_name(response), response.id)] > s_response = sigver.signed_instance_factory(response, self.sec, to_sign) tests/test_40_sigver.py:648: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=F\xc3\xb6\xc3\xb6B\xc3\xa4r' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpqx1bzu0t.xml', '/tmp/tmpgg328ijq.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpgg328ijq.xml" output= _______ TestSecurityNonAsciiAva.test_sign_verify_with_cert_from_instance _______ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=F\xc3\xb6\xc3\xb6B\xc3\xa4r' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpoielehpa.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpoielehpa.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_verify_with_cert_from_instance(self): response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=self._assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22222", signature=sigver.pre_signature_part("id-22222", self.sec.my_cert), ) to_sign = [(class_name(self._assertion), self._assertion.id), (class_name(response), response.id)] > s_response = sigver.signed_instance_factory(response, self.sec, to_sign) tests/test_40_sigver.py:670: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=F\xc3\xb6\xc3\xb6B\xc3\xa4r' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpk_0esw4y.xml', '/tmp/tmpoielehpa.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpoielehpa.xml" output= __ TestSecurityNonAsciiAva.test_sign_verify_assertion_with_cert_from_instance __ self = statement = b'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=R\xc3\xa4vBj\xc3\xb6rn' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11100' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpgymicu_0.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpgymicu_0.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_verify_assertion_with_cert_from_instance(self): assertion = factory( saml.Assertion, version="2.0", id="id-11100", issuer=saml.Issuer(text="the-issuer"), issue_instant="2009-10-30T13:20:28Z", signature=sigver.pre_signature_part("id-11100", self.sec.my_cert, 1), attribute_statement=do_attribute_statement( { ("name:surName", "nameformat", "surName"): ("Räv", ""), ("name:givenName", "nameformat", "givenName"): ("Björn", ""), } ), ) to_sign = [(class_name(assertion), assertion.id)] > s_assertion = sigver.signed_instance_factory(assertion, self.sec, to_sign) tests/test_40_sigver.py:702: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-issuerMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=R\xc3\xa4vBj\xc3\xb6rn' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11100' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11100', '--output', '/tmp/tmptudmm2mc.xml', '/tmp/tmpgymicu_0.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpgymicu_0.xml" output= __ TestSecurityNonAsciiAva.test_exception_sign_verify_with_cert_from_instance __ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerF\xc3\xb6\xc3\xb6B\xc3\xa4r' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-22222' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', ...] extra_args = ['/tmp/tmpqcu9v68s.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpqcu9v68s.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_exception_sign_verify_with_cert_from_instance(self): assertion = factory( saml.Assertion, version="2.0", id="id-11100", issuer=saml.Issuer(text="the-issuer"), issue_instant="2009-10-30T13:20:28Z", attribute_statement=do_attribute_statement( { ("name:surName", "nameformat", "surName"): ("Föö", ""), ("name:givenName", "nameformat", "givenName"): ("Bär", ""), } ), ) response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22222", signature=sigver.pre_signature_part("id-22222", self.sec.my_cert), ) to_sign = [(class_name(response), response.id)] > s_response = sigver.signed_instance_factory(response, self.sec, to_sign) tests/test_40_sigver.py:743: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'the-isserMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=the-issuerF\xc3\xb6\xc3\xb6B\xc3\xa4r' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-22222' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-22222', '--output', '/tmp/tmplt3sbksz.xml', '/tmp/tmpqcu9v68s.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpqcu9v68s.xml" output= __________________________________ test_xbox ___________________________________ self = statement = 'MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpihsdeetl.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpihsdeetl.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: def test_xbox(): conf = config.SPConfig() conf.load_file("server_conf") md = MetadataStore([saml, samlp], None, conf) md.load("local", IDP_EXAMPLE) conf.metadata = md conf.only_use_keys_in_metadata = False sec = sigver.security_context(conf) assertion = factory( saml.Assertion, version="2.0", id="id-11111", issue_instant="2009-10-30T13:20:28Z", signature=sigver.pre_signature_part("id-11111", sec.my_cert, 1), attribute_statement=do_attribute_statement( { ("", "", "surName"): ("Foo", ""), ("", "", "givenName"): ("Bar", ""), } ), ) > sigass = sec.sign_statement( assertion, class_name(assertion), key_file=PRIV_KEY, node_id=assertion.id, ) tests/test_40_sigver.py:843: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FooBar' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmp_sumhu01.xml', '/tmp/tmpihsdeetl.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpihsdeetl.xml" output= ___________________________ test_xbox_non_ascii_ava ____________________________ self = statement = 'MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FööBär' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpl2poq6j5.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpl2poq6j5.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: def test_xbox_non_ascii_ava(): conf = config.SPConfig() conf.load_file("server_conf") md = MetadataStore([saml, samlp], None, conf) md.load("local", IDP_EXAMPLE) conf.metadata = md conf.only_use_keys_in_metadata = False sec = sigver.security_context(conf) assertion = factory( saml.Assertion, version="2.0", id="id-11111", issue_instant="2009-10-30T13:20:28Z", signature=sigver.pre_signature_part("id-11111", sec.my_cert, 1), attribute_statement=do_attribute_statement( { ("", "", "surName"): ("Föö", ""), ("", "", "givenName"): ("Bär", ""), } ), ) > sigass = sec.sign_statement( assertion, class_name(assertion), key_file=PRIV_KEY, node_id=assertion.id, ) tests/test_40_sigver.py:901: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=FööBär' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-11111' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpn7_wim4c.xml', '/tmp/tmpl2poq6j5.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpl2poq6j5.xml" output= _______________________ TestServer1.test_signed_response _______________________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=0130f494b31e4b0587ee29b6409f87b951981acac85ebc6d55461cfc6378e6c6urn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-0Gz9UUhm1VxQ0njSV' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp_o0899i5.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp_o0899i5.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signed_response(self): name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": "The man"} > signed_resp = self.server.create_authn_response( ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, sign_assertion=True, ) tests/test_50_server.py:441: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=0130f494b31e4b0587ee29b6409f87b951981acac85ebc6d55461cfc6378e6c6urn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-0Gz9UUhm1VxQ0njSV' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-0Gz9UUhm1VxQ0njSV', '--output', '/tmp/tmpqz4or8kp.xml', '/tmp/tmp_o0899i5.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp_o0899i5.xml" output= ______________________ TestServer1.test_signed_response_1 ______________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-RBcCGIcxbG1M41Xhs' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpt0aguj_s.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpt0aguj_s.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signed_response_1(self): > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=True, ) tests/test_50_server.py:464: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:918: in _response return self.sign(response, to_sign=to_sign, sign_alg=sign_alg, digest_alg=digest_alg) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-RBcCGIcxbG1M41Xhs' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-RBcCGIcxbG1M41Xhs', '--output', '/tmp/tmpnmi2j8hw.xml', '/tmp/tmpt0aguj_s.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpt0aguj_s.xml" output= ______________________ TestServer1.test_signed_response_2 ______________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idp535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-Ziafb04JcgZIbuux2' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', ...] extra_args = ['/tmp/tmp5lffp91u.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp5lffp91u.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signed_response_2(self): > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=False, ) tests/test_50_server.py:495: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:918: in _response return self.sign(response, to_sign=to_sign, sign_alg=sign_alg, digest_alg=digest_alg) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idp535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-Ziafb04JcgZIbuux2' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-Ziafb04JcgZIbuux2', '--output', '/tmp/tmps32s82v_.xml', '/tmp/tmp5lffp91u.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp5lffp91u.xml" output= ______________________ TestServer1.test_signed_response_3 ______________________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-NDttN26JCBl65LyDm' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpu7n7gk8u.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpu7n7gk8u.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signed_response_3(self): > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=False, sign_assertion=True, ) tests/test_50_server.py:519: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-NDttN26JCBl65LyDm' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-NDttN26JCBl65LyDm', '--output', '/tmp/tmpk5w2eaqp.xml', '/tmp/tmpu7n7gk8u.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpu7n7gk8u.xml" output= _________________ TestServer1.test_encrypted_signed_response_1 _________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU0WhcNMzQxMTEyMDk0NTU0WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAoqao0wGtqeWTOsu6Hod14xiVz0aF78b/ljubD+KgInJJCBNH8BoNwQpR\nvVEi2WCnW9CFfjHZLLTPPPeRhghRqAmNogpZqyjKUg8irSpXPiiReTTT5vC0bu0Q\nNkbVWJeZgQCge1+F/npVgB6R9QMeCuhMkAfXLuOIunfBIT3U+OjF65qz1bYP+dKg\nCTj4JV9+IQ0EVlSBq8ApZSGwswKe4oJ1Y2YBJlWcSbwaxtsQRTDwjlCFRp8b3jij\nzfVECYZ15ZND2fo8oX9vzvD9eXwg9ANfDdMZlwjW0ytlDt/2ZYVA0w7CwIezDeWc\nLqCcLwZmqybaMwKUu5vvfxKbp2NdkQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAC96\nAvMKve1Xh7miHTNWI8BeU/Q5Nk5P2Vb56X7Q6J8Ztk/c+FAgO3woiaG0v+v0DHdu\nC+u3vrNagv5vLy3yHpeuFWpJt/V9VHorohtCjefGysSWhv9+m8+HDT6w45iAUULh\nXwA8eka1MJIrwj9ihZib6AnIma9LeaZD82C+Y6f3ZrTQg88XWKc/EBhCRO+yCagPMf67pMNxBKDlroOqXntI0czqqp+reUsZqnuI7tTl\nYICWVFYQxt47f9TQHqFRCR2NHLfHTzxuTSom6+E4eECbvIBhzA/IeR47oSQpNLBS\nyPsSV6megtqMM8R8tOuEWIl8QfnMX6GWVO3OOnDpe0RzeWwkk4qY+DB6wApN41v/\nUjrWttBdbF1He7rhI3vnWpjgtN6wU9vek6EhbIWRJyoLdpNj7Y9UxjCnMapeL8yc\nVWH1Nq3wIMtoQDkiUhazODVBLMBmE2yvi6CD6v72/uIXUzS8vQ1R5xNLPohvr6PL\nfTjTFrX0Oh3Kvm4vfNg0Pg==mlVSi1r5wLsMEKTDKSVwR8x+7UVojQucY4D+JEi1oygD+2diaOe4Zv8q3HS0JjUM\nM9KdRCorzJ06AzdPTGMG7ovYzGnEmgRwhhUbX+S/trD1PWxOAIF7TmZZIbG0l/IB\nlxzyx7BCuweLJb77XeSHJEuWs5BT/0AJRvmtnyY0VRvtRzhfW9m3R7v5R5SbdCXo\nMqR9UvGEojhSwR8qqAE+TEHORjjRRsGBNVx8brgzbDafFDPnN3EH7bMS9PdMA64L\nVh8uoJ+NNFNyupWKBPO47zLNr34+R6BOFSuFDGWx8ba/RH4XRbqsy7CWmAS8L4yw\nDtxnMFloYWg+qK+9s2mmoLQcSnQwU9neLq8vZZuxHQHx5yKQIdQ4K6p6TJJ+4ZsE\nTkXRvC9SagqpAG0Xicb2xMvE4dpNlVtV1cvuUXYy00IaScwxh+69EiJ9ssv+qK1p\nFwbpav/C0nwFP0/ejYdwulnojVshD7mE68nI0LWikwZCUABtofYIyB3aNs0FbHUW\n4jvpNgyfeTgACTM0NGYbqG2XukfEkm8hH5y0phkh8OnHGnXPCS2MRb2Gb1XCrH7A\nvzMNMEpkWdRvLS981IEhmzruhKOAVL7AsSTmourtqdPjDEhZ8h/DUykyd2Iub/I6\nR4AOXtDn8+HGP9X2qRk+QSyIbQ9AFEH34MwG0wL6wxzJVoh7JEE2radaZUYdlHMj\n9Xr94CmSKRqCr80zW6DF3MebTOB5/uWM55MOdP3w622dKGRIRaSpxk8MCiOvpZFz\n2dUd4E6I5VOLNhJkhdvH+JH9tYLjcsvcHxjlQsfyh0TDEIt+lA7/ziAUOiiIORrE\nyvSP8MWTrYZiBDU4dX2bW8EJyRhMsAO5Ucp3CQ2FX3keEoCP57QBVgnbm0Ffm25f\nNLy8A9WsjSf1xaODcf/vZK8NBFAW2mCD8FE7eObpjHbmxtYUC1iTIJslxRX2WD7U\nUTPLvdiRFick3Qb4G3X4pYJQIkcQgX063ekbq1es4ai3RQ56BQ2r8mq2hiPRTAMt\nj4ILdns+kE4z8TdzVoRu/TNPRxdhgEg+CpzRUKrj7dqttoQ6w9aAJITACOT4rcy2\nt4ZBwd4ATZlotq0uKPhWDcE/cpMh7bfYqf1j2ZKIuOHOmhdHCyWIJgfisERyqqvm\njRGDSpH1BWkbK5/ub+K/9utq1xOvU4C1bHhGVobD7WhhZeTSO4x64S9RPsnsUqfU\n5b6yJ6lS5mF0j/SdBQMjHa4J0w0WbzAuBG99rmtiOuiscSJu4iOZkVkMiWteD+le\nkZryqfwRDPsqDTUIa0LzjEkYmif01daioTkglZzEobpJjxTJTOqeHA2ctM/3DqpR\ny6rMQkSzAKEubTYIIU6hTgay6rld0av1WKy5f6gLmSrf45Tkj5K9VD8tuNzUf94O\nbFMX8lC1cttYztqnjO+2RwqXZiPCr0969XfUOhyHDQtr3Mt9OaeVZOUMynM6Xrgy\nNPhyooUaknqBc1WNTZkE38o6U2Aidns7nr37LjLM47deIshm2dEPoeBa9FFOrBRQ\ntVJup40ctk0pnLa1yoHKbuPZZ6GiZDYlXs+T8DTUGLDSntB/7HAMTJOVTEb3yjsz\nhdruDg0MyPhsl0UQpyUC5M/Gu/Mbu7X+juzB5fwA6ePPcODBX/pWUBzs1wFAfCpB\nNoYwS+eK/oAjzo/iYCqb/XUZoW//ctvwEC4UBwCaFtnCxBguCe0E/Z86oYHLfNT4\ni+7wQOyBL9xDerDKQcR4ndRMs0T/oC9O4stsAo1CwiJRlh+s0GUz1uL3ucdMJAA8\nCo4Fglf9Jno4e0d3pPRyOnw6ws3cdaOBWKeU5RfqUGaYvGgxVbkAZbIAaNIcM6xn\nDD7pu4yJZIYEVffOgPAW8lcl9gcBUau0yac+PQyK6pye501X+RWgCs4xj+yT7UFn\n9FDYSNqcY1xGbS4RZz6fCZkUOpCk/oTKc+scBPHXK619kj2lSKZiv0kQ9F7MblvT\nPZsn04XIddlZSzRmE1wFWk1Xj/xhahiHZ5R/ae8/CqxrHBtBwIug79x83/MPOWd8\nXkodOfc6mB6rJA/v+LsCwCg2r+P4NAg448vnt1PCeuTOCW7WX33i14B4imADMolp\n50JvhW9P9CmWxtqAt5qhH/fff7liYFCxwrnX5IdzI5oMxGWdSQj9twdSMgV2zqN0\nSTQnM1mVaBNg/MNtwbHwEScsfTpwlsLBivn3AaYDfQLeuqfuN670RdECKkkF9NHg\nJqIcSI9WYh4ozM+u2ztKuvlQtfR3cd/XBB1+n6hNczWVTS5mDTvTgDY88GrBJKPL\nXiDT0zfx/7zsVV2hrvZSeyan2zrhL0KY2PnchxUnO3gXXNw08mVmBPAGr7I7d9Ws\nE39i49JeFLpYw+qvqjM83xCsmO7HRjr16oQfZG3MAUiQrOpaKxo5cQ==' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-Alm0rti0RCzP4ENQT' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp6dqun4d6.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp6dqun4d6.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_encrypted_signed_response_1(self): cert_str, cert_key_str = generate_cert() > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=True, encrypt_assertion=False, encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice=cert_str, ) tests/test_50_server.py:547: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:907: in _response response = signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU0WhcNMzQxMTEyMDk0NTU0WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAoqao0wGtqeWTOsu6Hod14xiVz0aF78b/ljubD+KgInJJCBNH8BoNwQpR\nvVEi2WCnW9CFfjHZLLTPPPeRhghRqAmNogpZqyjKUg8irSpXPiiReTTT5vC0bu0Q\nNkbVWJeZgQCge1+F/npVgB6R9QMeCuhMkAfXLuOIunfBIT3U+OjF65qz1bYP+dKg\nCTj4JV9+IQ0EVlSBq8ApZSGwswKe4oJ1Y2YBJlWcSbwaxtsQRTDwjlCFRp8b3jij\nzfVECYZ15ZND2fo8oX9vzvD9eXwg9ANfDdMZlwjW0ytlDt/2ZYVA0w7CwIezDeWc\nLqCcLwZmqybaMwKUu5vvfxKbp2NdkQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAC96\nAvMKve1Xh7miHTNWI8BeU/Q5Nk5P2Vb56X7Q6J8Ztk/c+FAgO3woiaG0v+v0DHdu\nC+u3vrNagv5vLy3yHpeuFWpJt/V9VHorohtCjefGysSWhv9+m8+HDT6w45iAUULh\nXwA8eka1MJIrwj9ihZib6AnIma9LeaZD82C+Y6f3ZrTQg88XWKc/EBhCRO+yCagPMf67pMNxBKDlroOqXntI0czqqp+reUsZqnuI7tTl\nYICWVFYQxt47f9TQHqFRCR2NHLfHTzxuTSom6+E4eECbvIBhzA/IeR47oSQpNLBS\nyPsSV6megtqMM8R8tOuEWIl8QfnMX6GWVO3OOnDpe0RzeWwkk4qY+DB6wApN41v/\nUjrWttBdbF1He7rhI3vnWpjgtN6wU9vek6EhbIWRJyoLdpNj7Y9UxjCnMapeL8yc\nVWH1Nq3wIMtoQDkiUhazODVBLMBmE2yvi6CD6v72/uIXUzS8vQ1R5xNLPohvr6PL\nfTjTFrX0Oh3Kvm4vfNg0Pg==mlVSi1r5wLsMEKTDKSVwR8x+7UVojQucY4D+JEi1oygD+2diaOe4Zv8q3HS0JjUM\nM9KdRCorzJ06AzdPTGMG7ovYzGnEmgRwhhUbX+S/trD1PWxOAIF7TmZZIbG0l/IB\nlxzyx7BCuweLJb77XeSHJEuWs5BT/0AJRvmtnyY0VRvtRzhfW9m3R7v5R5SbdCXo\nMqR9UvGEojhSwR8qqAE+TEHORjjRRsGBNVx8brgzbDafFDPnN3EH7bMS9PdMA64L\nVh8uoJ+NNFNyupWKBPO47zLNr34+R6BOFSuFDGWx8ba/RH4XRbqsy7CWmAS8L4yw\nDtxnMFloYWg+qK+9s2mmoLQcSnQwU9neLq8vZZuxHQHx5yKQIdQ4K6p6TJJ+4ZsE\nTkXRvC9SagqpAG0Xicb2xMvE4dpNlVtV1cvuUXYy00IaScwxh+69EiJ9ssv+qK1p\nFwbpav/C0nwFP0/ejYdwulnojVshD7mE68nI0LWikwZCUABtofYIyB3aNs0FbHUW\n4jvpNgyfeTgACTM0NGYbqG2XukfEkm8hH5y0phkh8OnHGnXPCS2MRb2Gb1XCrH7A\nvzMNMEpkWdRvLS981IEhmzruhKOAVL7AsSTmourtqdPjDEhZ8h/DUykyd2Iub/I6\nR4AOXtDn8+HGP9X2qRk+QSyIbQ9AFEH34MwG0wL6wxzJVoh7JEE2radaZUYdlHMj\n9Xr94CmSKRqCr80zW6DF3MebTOB5/uWM55MOdP3w622dKGRIRaSpxk8MCiOvpZFz\n2dUd4E6I5VOLNhJkhdvH+JH9tYLjcsvcHxjlQsfyh0TDEIt+lA7/ziAUOiiIORrE\nyvSP8MWTrYZiBDU4dX2bW8EJyRhMsAO5Ucp3CQ2FX3keEoCP57QBVgnbm0Ffm25f\nNLy8A9WsjSf1xaODcf/vZK8NBFAW2mCD8FE7eObpjHbmxtYUC1iTIJslxRX2WD7U\nUTPLvdiRFick3Qb4G3X4pYJQIkcQgX063ekbq1es4ai3RQ56BQ2r8mq2hiPRTAMt\nj4ILdns+kE4z8TdzVoRu/TNPRxdhgEg+CpzRUKrj7dqttoQ6w9aAJITACOT4rcy2\nt4ZBwd4ATZlotq0uKPhWDcE/cpMh7bfYqf1j2ZKIuOHOmhdHCyWIJgfisERyqqvm\njRGDSpH1BWkbK5/ub+K/9utq1xOvU4C1bHhGVobD7WhhZeTSO4x64S9RPsnsUqfU\n5b6yJ6lS5mF0j/SdBQMjHa4J0w0WbzAuBG99rmtiOuiscSJu4iOZkVkMiWteD+le\nkZryqfwRDPsqDTUIa0LzjEkYmif01daioTkglZzEobpJjxTJTOqeHA2ctM/3DqpR\ny6rMQkSzAKEubTYIIU6hTgay6rld0av1WKy5f6gLmSrf45Tkj5K9VD8tuNzUf94O\nbFMX8lC1cttYztqnjO+2RwqXZiPCr0969XfUOhyHDQtr3Mt9OaeVZOUMynM6Xrgy\nNPhyooUaknqBc1WNTZkE38o6U2Aidns7nr37LjLM47deIshm2dEPoeBa9FFOrBRQ\ntVJup40ctk0pnLa1yoHKbuPZZ6GiZDYlXs+T8DTUGLDSntB/7HAMTJOVTEb3yjsz\nhdruDg0MyPhsl0UQpyUC5M/Gu/Mbu7X+juzB5fwA6ePPcODBX/pWUBzs1wFAfCpB\nNoYwS+eK/oAjzo/iYCqb/XUZoW//ctvwEC4UBwCaFtnCxBguCe0E/Z86oYHLfNT4\ni+7wQOyBL9xDerDKQcR4ndRMs0T/oC9O4stsAo1CwiJRlh+s0GUz1uL3ucdMJAA8\nCo4Fglf9Jno4e0d3pPRyOnw6ws3cdaOBWKeU5RfqUGaYvGgxVbkAZbIAaNIcM6xn\nDD7pu4yJZIYEVffOgPAW8lcl9gcBUau0yac+PQyK6pye501X+RWgCs4xj+yT7UFn\n9FDYSNqcY1xGbS4RZz6fCZkUOpCk/oTKc+scBPHXK619kj2lSKZiv0kQ9F7MblvT\nPZsn04XIddlZSzRmE1wFWk1Xj/xhahiHZ5R/ae8/CqxrHBtBwIug79x83/MPOWd8\nXkodOfc6mB6rJA/v+LsCwCg2r+P4NAg448vnt1PCeuTOCW7WX33i14B4imADMolp\n50JvhW9P9CmWxtqAt5qhH/fff7liYFCxwrnX5IdzI5oMxGWdSQj9twdSMgV2zqN0\nSTQnM1mVaBNg/MNtwbHwEScsfTpwlsLBivn3AaYDfQLeuqfuN670RdECKkkF9NHg\nJqIcSI9WYh4ozM+u2ztKuvlQtfR3cd/XBB1+n6hNczWVTS5mDTvTgDY88GrBJKPL\nXiDT0zfx/7zsVV2hrvZSeyan2zrhL0KY2PnchxUnO3gXXNw08mVmBPAGr7I7d9Ws\nE39i49JeFLpYw+qvqjM83xCsmO7HRjr16oQfZG3MAUiQrOpaKxo5cQ==' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-Alm0rti0RCzP4ENQT' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-Alm0rti0RCzP4ENQT', '--output', '/tmp/tmpqlw2h6ty.xml', '/tmp/tmp6dqun4d6.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp6dqun4d6.xml" output= _________________ TestServer1.test_encrypted_signed_response_2 _________________ self = statement = '\nurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=MIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==XRp8+SbDgwLYwEstamNM3cuZLm2s0aDmYrfFO85c3V5QY1wRJut18yeB4f3pYZTe\n0vEwiag2CVA6NzdKgDar0/j2LQ68TnspQ0Pv5Dq0RS8GkrcW3PdeyOM4zzWyp8XK\nt520vsuS6GuAdWllbBIyw9fSEg2FbJkdLvlLzWmofL0=sEP/J40zQlj/wOAj40i5Z3yWjPYDRBqw0muM5TucTxvatKvsvxJaugLA2QtlWnKB\nFp3GGk573TGHy60B4jXHu50a3+29oBlelwsMTIySxLxGUbt7lJjJTmdK/hRkUAt6\ndvPn8IUj7Z6t4MoaKHWdgW+mD6mF2fi6w2uQ3hWc/H2a7p5nwdjKo8LRCllzU6L1\n49cqMZD/KQTO53gu4LOXHtQZgRXXeV7FuOxLMylxH7gzHOoO4vOWvQHMib4pqZBz\nkPDNrgOp2yR5UumUh3CbGPKsmeu8nKmNMMo/sbT2vKd6/HO/I0v5twfevT7Dg3BN\njwguqSfWvE3Vlh83HeHJquFhyp50N3RccI4SPvjuTJJ6Orfi/Hs5UE34Fe37Yswc\nrNbS1Nf6NQwvNwcAXhrO7C01XXJY/Ot97cPW03T6zuFQg3CrbC46dS9t0ddtmdjL\n52azbmOQt4yn7TmYwIGYVHP0Z7k7WITJylwF9USHyTimZVKCGOjnkVprlZ2dxwF0\nBGq7a+tpKxM9OU0ghe4xErIEZLATR25idWXqZh6D0cepcB646FH0aWhJz8wGydt5\nbvBoIXf9dO0OgaCWlFx7fd9sax0j4xe+wK3CsjqkrYUcOCZmOknopz4a16CIIoIA\n+cznynAhTHSI7eoqmFU6XnbxKjhpE6Pe8WUZbYdFXshXnem8kajX0Qm/cNFD4EB0\nx0jQx8qjOrydeyOBPp5kJl7lu8ft4osYLncj6IpS/F33WArBz7GfQW0amZZ2jPxG\nsXcrbxai1hSmj7cpzSe+y9i/0uUtqnSkwxO2WbRV7Tu3gN2xHe8XTPE229e5n49D\nTeIsG6JMNus8KbIjrQkAHwtvJKM1/5jvBmElJYi+zwLZ1fPVYHfN9FLXvBb1JBC8\nkkGPvZymsrR4FHAqmRKqeqPODX9zdfq+zsVyiNFYqjhg4jcVUIZtEBNE4TrWP2JO\nMX41VrnA8cPx91o017nUP9FOp1oixrw9liaqn1x+FVAQXgNvG8fE2mYu1uEV9Vik\nrisbDTdOmxfEuAIP0B6G7dmXAaW4Y+FHxO5JrpcIoXCm/A/Bqkz+USK9d8tuSeLb\nbufCtj+m/X1GEdCLC4zaBNJUxg2gy5wJtPEjE7Y/SeXW3LkwrJ3J2IzAMi981LKA\nxsqqHktRxSYIa434ItArQcpMnqzCxspu1P2Y4e4fpOFt6BkLyRPNcFWDWYz16kFC\n5VsrC59fjREibmL5KqZ/NcyiZk2zAloEXhFJetg1v83tvFsnmR9htsXDZocrSoBe\nA6t82dDBNWgi3XOJn5cgBRYgU5wDXuL0Z13KwwuCNgSmttmk1Vlbka21GLyMk3XK\nlrjPUkT53DjxZemHf1k86P+1CBlYhTLANM5hXgvXuxhGgFMPD+dMXuGY/DlmgMjg\nfRT+WqeJpjNLhNQdzxMGDD5mQYXQikBaj4sn5F3ukDAeOP6gbOHKXy5eaaBNbl7H\n1llLcpBr+ZVYfR/hBClo0cIxI+KR+FG6cFlzzzIigusEromds6r1HKs7WfBQWHXc\nT/ibR8l0mi6rGp7kt0mrRtsWxYyuvmw8xRffLc6MMWgV2oY04rXGokv5mKSsgAqQ\nVnDxBIkEfIX5VwS1vu+JVhaNENyT4pwACZEnUqabHhc43kGG68cPezOH/7ztc1uf\nEVkCou1AyCLO2LFXJBkjZUDXMgCK6ZQpYOFWTMvJ0/dtiDCZSEy32yKzQG+WBbgH\nmj3l9F4ZQYxgg26eLSUNRFAgDUyRasKHJbhdCJG3ApsIhYDKp0uF4rNdtdUfqB89\n30dQ+1/UuJNhECGgCnjmhn/xPZE/g9MGIWFSOs2Ec1NbuqBNag4UEgjvc6sXAx2j\n3obtdxPCWzzxpjIb1lOolCTjCl5pz5Iho3ei/Ti1Ay6Wr0O4AwNrBobniqHQOy0t\nEjSL358aKlE08psuLMiD5f/x2LTodpFl/+yyZg+jt1Ibz8UjvbiCY+EJJv7VUIWV\ng+Xu+K87Q4dAOVETaxbJL7PlMnF4lzbn9LkCYBekrLdGtuaQ0/hTk7zuZcEwhuuY\nX8Ey7OsATutxFDWVF912ocm1tnfLYdkyPiB63fXltBV/3LqnX4MXKlB3smWGUw77\nURmmaTwyQ76UanP1IhJUAo9dAwwHzHHhXBkE3j5ebJEE27FvFC3C9AMhrOnvYjBF\nPs449oXuS8cm2WqvtcLoYFi39kyFKDE1Vva6Ulnk5QehW3NgRy6EvvlD8UMew92k\nr0HVq39vFvx9cAujaMM1298FRLAc3bdVCu/R6nnaqGzBa/T+Ey0A6rYGrXLPX+tF\n9gbo0V8Vg7AqYCJlrKpuJrjY8rDnskzN5fl6MbL8UvDhi4EiuMMKXYjqdABiBqHN\n6j4v2XEYkN3OZSLopJqP9+VoZMa6B7be0mu1Q+utHWxDu0gbSrMSsnhU974jxYAG\nsxL7WWFfjYWnEggnHNpcN4Ek/7ECfYyCHoFfdJTPeohhKGNq3vxP2DdqfqdDZR8m\nAnH/XD0LfdFKzmwM5PCFhPig7ilhpxuIxnQxsPvjHct+DpuTG4P0eT+gx5XQjjFU\nKd/mXcBcipEf+Mvut36agUS+484LK7Se604ofjVkVKgjfdsrhfm3z7pFDz8Pw9Ps\nD4GL47Vblz1T3NYvSY+PwkUnr1yOkv7dPuYEMKZV6dimhuWcfTkdOy1ksCqpUuVM\n/akYa1465KndmlC7z+dgiK7wyVcAYOp4AV9Dzkf5BoPDn+s2WMIs7c+Iot/Qra1U\n0SfC7he+vma4adX7/rUh7iHHDgLav1E/5HPcU65op6J/wKcfRQWO7xUr3obj9vHd\ndd9LOIXH0Zp842KMtR5pN5jGHf73GtbXYu9oKyNsQSIi/6/utC13qfj0Dz+fpMdf\nlGLDgcbkOAgi7LMgkHarPWJjywmQUR5Qb8cMtVYtj35zGURunkIuLA==\n' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-DpIWKDnCJP0bAL0TS' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', ...] extra_args = ['/tmp/tmpa1d38zdw.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpa1d38zdw.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_encrypted_signed_response_2(self): cert_str, cert_key_str = generate_cert() > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, ) tests/test_50_server.py:605: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:912: in _response return signed_instance_factory(response, self.sec, sign_class) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = '\nurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=MIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==XRp8+SbDgwLYwEstamNM3cuZLm2s0aDmYrfFO85c3V5QY1wRJut18yeB4f3pYZTe\n0vEwiag2CVA6NzdKgDar0/j2LQ68TnspQ0Pv5Dq0RS8GkrcW3PdeyOM4zzWyp8XK\nt520vsuS6GuAdWllbBIyw9fSEg2FbJkdLvlLzWmofL0=sEP/J40zQlj/wOAj40i5Z3yWjPYDRBqw0muM5TucTxvatKvsvxJaugLA2QtlWnKB\nFp3GGk573TGHy60B4jXHu50a3+29oBlelwsMTIySxLxGUbt7lJjJTmdK/hRkUAt6\ndvPn8IUj7Z6t4MoaKHWdgW+mD6mF2fi6w2uQ3hWc/H2a7p5nwdjKo8LRCllzU6L1\n49cqMZD/KQTO53gu4LOXHtQZgRXXeV7FuOxLMylxH7gzHOoO4vOWvQHMib4pqZBz\nkPDNrgOp2yR5UumUh3CbGPKsmeu8nKmNMMo/sbT2vKd6/HO/I0v5twfevT7Dg3BN\njwguqSfWvE3Vlh83HeHJquFhyp50N3RccI4SPvjuTJJ6Orfi/Hs5UE34Fe37Yswc\nrNbS1Nf6NQwvNwcAXhrO7C01XXJY/Ot97cPW03T6zuFQg3CrbC46dS9t0ddtmdjL\n52azbmOQt4yn7TmYwIGYVHP0Z7k7WITJylwF9USHyTimZVKCGOjnkVprlZ2dxwF0\nBGq7a+tpKxM9OU0ghe4xErIEZLATR25idWXqZh6D0cepcB646FH0aWhJz8wGydt5\nbvBoIXf9dO0OgaCWlFx7fd9sax0j4xe+wK3CsjqkrYUcOCZmOknopz4a16CIIoIA\n+cznynAhTHSI7eoqmFU6XnbxKjhpE6Pe8WUZbYdFXshXnem8kajX0Qm/cNFD4EB0\nx0jQx8qjOrydeyOBPp5kJl7lu8ft4osYLncj6IpS/F33WArBz7GfQW0amZZ2jPxG\nsXcrbxai1hSmj7cpzSe+y9i/0uUtqnSkwxO2WbRV7Tu3gN2xHe8XTPE229e5n49D\nTeIsG6JMNus8KbIjrQkAHwtvJKM1/5jvBmElJYi+zwLZ1fPVYHfN9FLXvBb1JBC8\nkkGPvZymsrR4FHAqmRKqeqPODX9zdfq+zsVyiNFYqjhg4jcVUIZtEBNE4TrWP2JO\nMX41VrnA8cPx91o017nUP9FOp1oixrw9liaqn1x+FVAQXgNvG8fE2mYu1uEV9Vik\nrisbDTdOmxfEuAIP0B6G7dmXAaW4Y+FHxO5JrpcIoXCm/A/Bqkz+USK9d8tuSeLb\nbufCtj+m/X1GEdCLC4zaBNJUxg2gy5wJtPEjE7Y/SeXW3LkwrJ3J2IzAMi981LKA\nxsqqHktRxSYIa434ItArQcpMnqzCxspu1P2Y4e4fpOFt6BkLyRPNcFWDWYz16kFC\n5VsrC59fjREibmL5KqZ/NcyiZk2zAloEXhFJetg1v83tvFsnmR9htsXDZocrSoBe\nA6t82dDBNWgi3XOJn5cgBRYgU5wDXuL0Z13KwwuCNgSmttmk1Vlbka21GLyMk3XK\nlrjPUkT53DjxZemHf1k86P+1CBlYhTLANM5hXgvXuxhGgFMPD+dMXuGY/DlmgMjg\nfRT+WqeJpjNLhNQdzxMGDD5mQYXQikBaj4sn5F3ukDAeOP6gbOHKXy5eaaBNbl7H\n1llLcpBr+ZVYfR/hBClo0cIxI+KR+FG6cFlzzzIigusEromds6r1HKs7WfBQWHXc\nT/ibR8l0mi6rGp7kt0mrRtsWxYyuvmw8xRffLc6MMWgV2oY04rXGokv5mKSsgAqQ\nVnDxBIkEfIX5VwS1vu+JVhaNENyT4pwACZEnUqabHhc43kGG68cPezOH/7ztc1uf\nEVkCou1AyCLO2LFXJBkjZUDXMgCK6ZQpYOFWTMvJ0/dtiDCZSEy32yKzQG+WBbgH\nmj3l9F4ZQYxgg26eLSUNRFAgDUyRasKHJbhdCJG3ApsIhYDKp0uF4rNdtdUfqB89\n30dQ+1/UuJNhECGgCnjmhn/xPZE/g9MGIWFSOs2Ec1NbuqBNag4UEgjvc6sXAx2j\n3obtdxPCWzzxpjIb1lOolCTjCl5pz5Iho3ei/Ti1Ay6Wr0O4AwNrBobniqHQOy0t\nEjSL358aKlE08psuLMiD5f/x2LTodpFl/+yyZg+jt1Ibz8UjvbiCY+EJJv7VUIWV\ng+Xu+K87Q4dAOVETaxbJL7PlMnF4lzbn9LkCYBekrLdGtuaQ0/hTk7zuZcEwhuuY\nX8Ey7OsATutxFDWVF912ocm1tnfLYdkyPiB63fXltBV/3LqnX4MXKlB3smWGUw77\nURmmaTwyQ76UanP1IhJUAo9dAwwHzHHhXBkE3j5ebJEE27FvFC3C9AMhrOnvYjBF\nPs449oXuS8cm2WqvtcLoYFi39kyFKDE1Vva6Ulnk5QehW3NgRy6EvvlD8UMew92k\nr0HVq39vFvx9cAujaMM1298FRLAc3bdVCu/R6nnaqGzBa/T+Ey0A6rYGrXLPX+tF\n9gbo0V8Vg7AqYCJlrKpuJrjY8rDnskzN5fl6MbL8UvDhi4EiuMMKXYjqdABiBqHN\n6j4v2XEYkN3OZSLopJqP9+VoZMa6B7be0mu1Q+utHWxDu0gbSrMSsnhU974jxYAG\nsxL7WWFfjYWnEggnHNpcN4Ek/7ECfYyCHoFfdJTPeohhKGNq3vxP2DdqfqdDZR8m\nAnH/XD0LfdFKzmwM5PCFhPig7ilhpxuIxnQxsPvjHct+DpuTG4P0eT+gx5XQjjFU\nKd/mXcBcipEf+Mvut36agUS+484LK7Se604ofjVkVKgjfdsrhfm3z7pFDz8Pw9Ps\nD4GL47Vblz1T3NYvSY+PwkUnr1yOkv7dPuYEMKZV6dimhuWcfTkdOy1ksCqpUuVM\n/akYa1465KndmlC7z+dgiK7wyVcAYOp4AV9Dzkf5BoPDn+s2WMIs7c+Iot/Qra1U\n0SfC7he+vma4adX7/rUh7iHHDgLav1E/5HPcU65op6J/wKcfRQWO7xUr3obj9vHd\ndd9LOIXH0Zp842KMtR5pN5jGHf73GtbXYu9oKyNsQSIi/6/utC13qfj0Dz+fpMdf\nlGLDgcbkOAgi7LMgkHarPWJjywmQUR5Qb8cMtVYtj35zGURunkIuLA==\n' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-DpIWKDnCJP0bAL0TS' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-DpIWKDnCJP0bAL0TS', '--output', '/tmp/tmp7yggpw1e.xml', '/tmp/tmpa1d38zdw.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpa1d38zdw.xml" output= _________________ TestServer1.test_encrypted_signed_response_3 _________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-uYbYYgcAtHSgiTbLx' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp2p6lbgax.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp2p6lbgax.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_encrypted_signed_response_3(self): cert_str, cert_key_str = generate_cert() > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=False, encrypt_cert_assertion=cert_str, ) tests/test_50_server.py:650: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-uYbYYgcAtHSgiTbLx' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-uYbYYgcAtHSgiTbLx', '--output', '/tmp/tmpm2k74ivo.xml', '/tmp/tmp2p6lbgax.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp2p6lbgax.xml" output= _________________ TestServer1.test_encrypted_signed_response_4 _________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU0WhcNMzQxMTEyMDk0NTU0WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEApmhWTunG2J0n6DUqE/W1m1n30q/OQ8LTFKNkfMTJDwhyE6pWi8jmerj1\nAV4bxptuStwAImtl8ZyCsoWunI4DI4v7u8FZtl7Zp54NO7UPfksbPUEl3GDiT/Nw\ndd4hu68zlgjc6WsWl29rlf0PksbrRWu3H+zX2ytDjOke5NKDMuX8JpsoZLpzbO8C\nvq0cZq/wWPvmwD6mOx5USbM07Ir9EVl/ETFnP2jDUrLNWuUhUZF7XOU+wD50rdpg\nAs02Hyx/y8P95+26q4p2AmAjkdj+i1KTIpx21GXSN+x8jW0aUr2hYw+i84xcdgQ/\n3zufWK+XMKOCsmEY9gYFmKuW3SWOrQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAAPH\n9ARWnuC1BM1iCBz1dzp2TZnLar+5ENgBX0k7EV/X37iHgihMctcsrxgL3u9qt3tT\n6dEOuoKy6ecg8BOEF9MJb4kuSN1xUFBLijvjL//xO3KQLL8adqPupuNfyP1xXYCS\nQfVBuQAcf4V7jZ+L06eTIEcF7auCQJ+Yjn8shwCNHSP60dCZoC9jIx12clAIPJl6kdiA7zmclZz1Yked81lIX27qfu5FWDvCqafC5uPi\nheTLS7ggai92RbyieM+jna6oSBXGRT2JzuWtp4gZk/G/YRUxDqJVmgtvNJZtXcCG\nFBYWrbL0r1FFVaJSOjyY3J09P5sAh+RFNZKv9sgyo1P7KeAcFfNovyP+T/SDId+q\nYevrFtAwMuv7cPb70LxkoieUlUCs5j1qCdySZRNCagbi7qlRpA6415gaHbm1bU0k\nJnuc6SdXXi+lBR5lJ0sfkXSWU5WCfDh7cc5BZiXoE2kB6lKnfM2tyOhTgsVefZty\n2C3ATHLO1+19fmkoSrEgmw==zNb0y+Sn3vl8pXTDwsycstmWVpZkATciVPC3pDAQnYwBMuqfRtIrjiTeVcAX9i4C\nWKV/1agQ74zbCfDKi4ntHfgH62MVCDTwB2YVFVMgNOZK8lMyvGwpvkKUb44gFsQY\nNQ1RMj33NKAm4NOUxi+F4z0BB3HAxr3XzUwtOwGDJGf/n3ubz9mJQMLm6ChtplGw\nHVA6k1mt9D8qyQj+od3rdsokRKfpFUIbN+5G+sLBAcB97PE5KI8qdYoySvjPbOXw\nDVP43dgV5SEP8K2e/U5K34x+JffHg/b6NMBX6vLwGzhoe43gMH5ubIxERxXBrykM\n4i6aFU70LGqcvDLKa+o9oDZDbGv4uwvQzT/1FCMIvvPtUkSGG+TWIoB5SQSG2La/\nylgw2yDzcCVMFpFSe7rl5ZddjLFVnQP51radRnASXUB+sXlSKGdzt21GNwLfU+Ma\ncSxkajD31IRGkznH+QohGlvEiT3KJtRmqW5tVmB/STo0uvZRr+Y0fQscfekgeFsZ\nNZRnqCJdJyIXb8cPjWw1dxQShVH2xnRIrMSTKzYS/2vo00ykm15Oiifllzvrr2X5\noD50IVoG0dnW5rJts80BGvkg/Aqyt1VhGQW8EO4BKMe2c7PpHMIBvOlhASXwYQ3o\nYOX9K9fg7WfYY0jJau884tx6oXpvWNWdQDtVNkFyKHGouHsh+Q3zOI1DisScZ+R5\nc1AMOxaascnmKR/6JKuP9u4jNHEsq8/rB295hDrN+VpdaoQOOi6rPZ0sZyi4V3EC\nYkXfg98/5RiRXXFJPmhLZyqDPq8ZaF1VJdi/IOHO/t1BvB9449mkTjY3WQx8swqy\nVZj/Ppj0mjdX3rUEoboKIveuy6mALipoRMgJ7gU2X9gQBPBjvvQIVc9hMdmRs353\nsdwHzmatIIQVC597GObrhXuRPXWUOGwrEXy3fL16B4K8lWsXYkxu280PEn/vHbg3\nfuyBPaKGsRo7A2tVXGSTTf6/A9G9OsHZlEfm7AM7PqlElnR5eVi+lJXElO+2Z44e\nDnEZ+OyQ3p+w7vXneMqeM+ObciaDgfIMdRrKOS6uEptbNz+F+vTUjxMgQSabddFq\nKZSZiUr7ZUXvy1jcDg37zCU+DjKd1Ip7FhhtblKqdpy8x+a40W19PKjq9Xh/0myW\nhB2Gdzuyp17GjC33YbfnCKRS1sGOu6eX4e62syMPvqmUv0VQ9yj+LugNyI7/nFqT\nn3D913WO6crP7fq3ggQ7mRYvM3HxZ4IY9ttS3e0P5x4vUFj1Hy9wIEm9jZ9Uqdi2\nWmncs2Fd26Hs72QoVVB1AYuGz2L7roibqJlMpsgkkNY+RIzgnNfBnuo/DzvOfJjJ\nDN7dgK3Eu1TDsklHcKEWEakS5zbG/evNfH+pcImcZJNPbZw0GWc1498QqBtRoE/5\nUpL1Dw0xN1pBySuDKi8+Mk+Rld4K57nRRoInspRbuPJCC2Wen0auObH8ug8KBdde\nsk81Nu+ozOv3kJGslbF6XZ+uJY4bWeM/XWeU4TkpBp31NeNr0SU4Lk0/p+1weliM\niGWPeV5etx10xgvOoSx0fULl+ZAoSAitd59p8vvxtY91WHdLuG+LsLTogwXlCvXy\nUdbtVHh/4evSBOTqDmelGPNhVM7Fz2fN6V639jPaaSm/TFEWzQlUEIjH5q07aY4+\n2rGrujn6xq+AeTRLuGiwBzq7x1q67KgTIWKb8rgarl4pOk9zrqcpuRIGEOhJbrtV\nugfGeGbVQ3J/RV2+X+/DgLmRCWcZ9Yt0p/qvyqgYmiOGn2+dixamv6KhHaO7122z\nOwmiLJJDYjFnqy+mLPpZBabppSlN4Ubk9tEowPLm1HuuRf5sH+hArZyVBiodwJIc\n8D0e/hDKPF5oGruya++lD3gDXog/0vA2FV8909X7OAX7gjQdd+6wmsGAa9YDW7x7\niYySkRLBB1TBTPTSrtjnnb1oArtYtheEmk68hfWsjs4ykKW3RwIKP5s7Mt7mMe+B\nSJ5BtKz2OMD0mRs54qV5zcvDgkaYoEb+DlC4ZRPZsK0qqdJDRvQMgBymS03vrs6N\nCd67PJ1BvcNv7OOTzDE+xqaJZBlrRbxa+ZsM9TMbhBveXQHnrxK2UKM4a15m2O0J\n/s/hOOrbK2GBcg76dfvxyEirxfXuqDN0VXkEs9303Wl9eHr+nOY6ll217g0uxDk8\nmNZAm+GzDsI0HzqzoweZxqzbWHaOXN8ny34PTkR0zpr1js4J43iGq5t+sLTinDeU\nyMWDZBqxNtZUCyNyxo6OIDO370v/lXu+qHBfZqQqqKxpWeFKYDhn1TdC3n5mhIVp\ns8F72CrOq0VFpWG/+1sePvu5msnL52HdWHSyFpDQ/n6HKkaf6eAJG4a4wQuRnpBG\ndSENmwh/cfqrIGU7pB5yj+ks10owzZnMxYqW97kjc1WMEieg1duv5A==' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-FAOPUZocQ5rpVUGko' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpqwks3l3z.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpqwks3l3z.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_encrypted_signed_response_4(self): cert_str, cert_key_str = generate_cert() > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice=cert_str, ) tests/test_50_server.py:697: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=535b1dae80cfe5c102ea4ccc3cffb726e4f2b3c44166148d416b431013a564ddurn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU0WhcNMzQxMTEyMDk0NTU0WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEApmhWTunG2J0n6DUqE/W1m1n30q/OQ8LTFKNkfMTJDwhyE6pWi8jmerj1\nAV4bxptuStwAImtl8ZyCsoWunI4DI4v7u8FZtl7Zp54NO7UPfksbPUEl3GDiT/Nw\ndd4hu68zlgjc6WsWl29rlf0PksbrRWu3H+zX2ytDjOke5NKDMuX8JpsoZLpzbO8C\nvq0cZq/wWPvmwD6mOx5USbM07Ir9EVl/ETFnP2jDUrLNWuUhUZF7XOU+wD50rdpg\nAs02Hyx/y8P95+26q4p2AmAjkdj+i1KTIpx21GXSN+x8jW0aUr2hYw+i84xcdgQ/\n3zufWK+XMKOCsmEY9gYFmKuW3SWOrQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAAPH\n9ARWnuC1BM1iCBz1dzp2TZnLar+5ENgBX0k7EV/X37iHgihMctcsrxgL3u9qt3tT\n6dEOuoKy6ecg8BOEF9MJb4kuSN1xUFBLijvjL//xO3KQLL8adqPupuNfyP1xXYCS\nQfVBuQAcf4V7jZ+L06eTIEcF7auCQJ+Yjn8shwCNHSP60dCZoC9jIx12clAIPJl6kdiA7zmclZz1Yked81lIX27qfu5FWDvCqafC5uPi\nheTLS7ggai92RbyieM+jna6oSBXGRT2JzuWtp4gZk/G/YRUxDqJVmgtvNJZtXcCG\nFBYWrbL0r1FFVaJSOjyY3J09P5sAh+RFNZKv9sgyo1P7KeAcFfNovyP+T/SDId+q\nYevrFtAwMuv7cPb70LxkoieUlUCs5j1qCdySZRNCagbi7qlRpA6415gaHbm1bU0k\nJnuc6SdXXi+lBR5lJ0sfkXSWU5WCfDh7cc5BZiXoE2kB6lKnfM2tyOhTgsVefZty\n2C3ATHLO1+19fmkoSrEgmw==zNb0y+Sn3vl8pXTDwsycstmWVpZkATciVPC3pDAQnYwBMuqfRtIrjiTeVcAX9i4C\nWKV/1agQ74zbCfDKi4ntHfgH62MVCDTwB2YVFVMgNOZK8lMyvGwpvkKUb44gFsQY\nNQ1RMj33NKAm4NOUxi+F4z0BB3HAxr3XzUwtOwGDJGf/n3ubz9mJQMLm6ChtplGw\nHVA6k1mt9D8qyQj+od3rdsokRKfpFUIbN+5G+sLBAcB97PE5KI8qdYoySvjPbOXw\nDVP43dgV5SEP8K2e/U5K34x+JffHg/b6NMBX6vLwGzhoe43gMH5ubIxERxXBrykM\n4i6aFU70LGqcvDLKa+o9oDZDbGv4uwvQzT/1FCMIvvPtUkSGG+TWIoB5SQSG2La/\nylgw2yDzcCVMFpFSe7rl5ZddjLFVnQP51radRnASXUB+sXlSKGdzt21GNwLfU+Ma\ncSxkajD31IRGkznH+QohGlvEiT3KJtRmqW5tVmB/STo0uvZRr+Y0fQscfekgeFsZ\nNZRnqCJdJyIXb8cPjWw1dxQShVH2xnRIrMSTKzYS/2vo00ykm15Oiifllzvrr2X5\noD50IVoG0dnW5rJts80BGvkg/Aqyt1VhGQW8EO4BKMe2c7PpHMIBvOlhASXwYQ3o\nYOX9K9fg7WfYY0jJau884tx6oXpvWNWdQDtVNkFyKHGouHsh+Q3zOI1DisScZ+R5\nc1AMOxaascnmKR/6JKuP9u4jNHEsq8/rB295hDrN+VpdaoQOOi6rPZ0sZyi4V3EC\nYkXfg98/5RiRXXFJPmhLZyqDPq8ZaF1VJdi/IOHO/t1BvB9449mkTjY3WQx8swqy\nVZj/Ppj0mjdX3rUEoboKIveuy6mALipoRMgJ7gU2X9gQBPBjvvQIVc9hMdmRs353\nsdwHzmatIIQVC597GObrhXuRPXWUOGwrEXy3fL16B4K8lWsXYkxu280PEn/vHbg3\nfuyBPaKGsRo7A2tVXGSTTf6/A9G9OsHZlEfm7AM7PqlElnR5eVi+lJXElO+2Z44e\nDnEZ+OyQ3p+w7vXneMqeM+ObciaDgfIMdRrKOS6uEptbNz+F+vTUjxMgQSabddFq\nKZSZiUr7ZUXvy1jcDg37zCU+DjKd1Ip7FhhtblKqdpy8x+a40W19PKjq9Xh/0myW\nhB2Gdzuyp17GjC33YbfnCKRS1sGOu6eX4e62syMPvqmUv0VQ9yj+LugNyI7/nFqT\nn3D913WO6crP7fq3ggQ7mRYvM3HxZ4IY9ttS3e0P5x4vUFj1Hy9wIEm9jZ9Uqdi2\nWmncs2Fd26Hs72QoVVB1AYuGz2L7roibqJlMpsgkkNY+RIzgnNfBnuo/DzvOfJjJ\nDN7dgK3Eu1TDsklHcKEWEakS5zbG/evNfH+pcImcZJNPbZw0GWc1498QqBtRoE/5\nUpL1Dw0xN1pBySuDKi8+Mk+Rld4K57nRRoInspRbuPJCC2Wen0auObH8ug8KBdde\nsk81Nu+ozOv3kJGslbF6XZ+uJY4bWeM/XWeU4TkpBp31NeNr0SU4Lk0/p+1weliM\niGWPeV5etx10xgvOoSx0fULl+ZAoSAitd59p8vvxtY91WHdLuG+LsLTogwXlCvXy\nUdbtVHh/4evSBOTqDmelGPNhVM7Fz2fN6V639jPaaSm/TFEWzQlUEIjH5q07aY4+\n2rGrujn6xq+AeTRLuGiwBzq7x1q67KgTIWKb8rgarl4pOk9zrqcpuRIGEOhJbrtV\nugfGeGbVQ3J/RV2+X+/DgLmRCWcZ9Yt0p/qvyqgYmiOGn2+dixamv6KhHaO7122z\nOwmiLJJDYjFnqy+mLPpZBabppSlN4Ubk9tEowPLm1HuuRf5sH+hArZyVBiodwJIc\n8D0e/hDKPF5oGruya++lD3gDXog/0vA2FV8909X7OAX7gjQdd+6wmsGAa9YDW7x7\niYySkRLBB1TBTPTSrtjnnb1oArtYtheEmk68hfWsjs4ykKW3RwIKP5s7Mt7mMe+B\nSJ5BtKz2OMD0mRs54qV5zcvDgkaYoEb+DlC4ZRPZsK0qqdJDRvQMgBymS03vrs6N\nCd67PJ1BvcNv7OOTzDE+xqaJZBlrRbxa+ZsM9TMbhBveXQHnrxK2UKM4a15m2O0J\n/s/hOOrbK2GBcg76dfvxyEirxfXuqDN0VXkEs9303Wl9eHr+nOY6ll217g0uxDk8\nmNZAm+GzDsI0HzqzoweZxqzbWHaOXN8ny34PTkR0zpr1js4J43iGq5t+sLTinDeU\nyMWDZBqxNtZUCyNyxo6OIDO370v/lXu+qHBfZqQqqKxpWeFKYDhn1TdC3n5mhIVp\ns8F72CrOq0VFpWG/+1sePvu5msnL52HdWHSyFpDQ/n6HKkaf6eAJG4a4wQuRnpBG\ndSENmwh/cfqrIGU7pB5yj+ks10owzZnMxYqW97kjc1WMEieg1duv5A==' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-FAOPUZocQ5rpVUGko' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-FAOPUZocQ5rpVUGko', '--output', '/tmp/tmpomwz82g4.xml', '/tmp/tmpqwks3l3z.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpqwks3l3z.xml" output= _________________ TestServer1NonAsciiAva.test_signed_response __________________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=3b01f3b4689e99e419a02f96c7522d6c25028b1964e213b9d589f27cccc61ac6urn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-jEG0tyQoiSUdUyYHq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpeax1813k.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpeax1813k.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signed_response(self): name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": "The man"} > signed_resp = self.server.create_authn_response( ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, sign_assertion=True, ) tests/test_50_server.py:1517: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=3b01f3b4689e99e419a02f96c7522d6c25028b1964e213b9d589f27cccc61ac6urn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-jEG0tyQoiSUdUyYHq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-jEG0tyQoiSUdUyYHq', '--output', '/tmp/tmpjcdptgl1.xml', '/tmp/tmpeax1813k.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpeax1813k.xml" output= ________________ TestServer1NonAsciiAva.test_signed_response_1 _________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spDaveConcepci\xc3\xb3ndave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-1njYsbMxawQ3ZmMxv' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp9gpj3kvp.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp9gpj3kvp.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signed_response_1(self): > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=True, ) tests/test_50_server.py:1540: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:918: in _response return self.sign(response, to_sign=to_sign, sign_alg=sign_alg, digest_alg=digest_alg) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spDaveConcepci\xc3\xb3ndave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-1njYsbMxawQ3ZmMxv' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-1njYsbMxawQ3ZmMxv', '--output', '/tmp/tmpu18q4bj4.xml', '/tmp/tmp9gpj3kvp.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp9gpj3kvp.xml" output= ________________ TestServer1NonAsciiAva.test_signed_response_2 _________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idp75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spDaveConcepci\xc3\xb3ndave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-KXfqr2UY081sbWWg9' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', ...] extra_args = ['/tmp/tmpgis3fp41.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpgis3fp41.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signed_response_2(self): > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=False, ) tests/test_50_server.py:1571: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:918: in _response return self.sign(response, to_sign=to_sign, sign_alg=sign_alg, digest_alg=digest_alg) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idp75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spDaveConcepci\xc3\xb3ndave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-KXfqr2UY081sbWWg9' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-KXfqr2UY081sbWWg9', '--output', '/tmp/tmp2hl7vx8e.xml', '/tmp/tmpgis3fp41.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpgis3fp41.xml" output= ________________ TestServer1NonAsciiAva.test_signed_response_3 _________________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spDaveConcepci\xc3\xb3ndave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-rmqLR8Erq4B0Mnyzh' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmppmca5ni2.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmppmca5ni2.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signed_response_3(self): > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=False, sign_assertion=True, ) tests/test_50_server.py:1595: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spDaveConcepci\xc3\xb3ndave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-rmqLR8Erq4B0Mnyzh' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-rmqLR8Erq4B0Mnyzh', '--output', '/tmp/tmpp2s155dq.xml', '/tmp/tmppmca5ni2.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmppmca5ni2.xml" output= ___________ TestServer1NonAsciiAva.test_encrypted_signed_response_1 ____________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU2WhcNMzQxMTEyMDk0NTU2WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEArRkF1bm2GowQt7zQSm6oNcQ4KHfYHPSqqe7UhtMaqa8pQmq9AeE5HPWP\nswJuU45oG1WZknLon5By3+o8C/9SXoX28zMngxu6/QDXG67neWZfgo6yVnBR2Agw\nKNJ5tSZ5VIO099cQPh+afJx80g/Zd+ytVKsjiSgDLFSgkx2mKwRCk/UNpL9SUzgU\nCunFziaZ1AmrjbS7iCczLOn7t37DWwWr3x+Hm65AXrXOgzUROyXbA94Ip305aqQQ\nkR3ENoPs11W2ML2HDQsKwEKaF/Tpr68gtyLB7MBvSYD8Zaws45QLl3aMWpQMUxMF\nZRE4TA/+db/47SHUvmnQvJZcBdWnnwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAGaC\na1YWOUAxHhWRjEn9QWJl3SPhQr68os/GH9LEU8Ec7foJEDJXRg2o4zRheg9EHU4j\nmw2jysIGc910jeXiNb0lBnL1SA2+dfbHWo7zqKjsrmXhq7mgh1rVwSVvEqeCgGW/\ndacwrJzSLbalGUHNE7tbfQDUQfhndn8FqEmFLLMxYG5Y6ok3KvKGAk6vZrYBih3JHiWciBHX2a8sLthEhWUg6fGkLVjZgY2MN8ZzbApV\nLzDXgScUy5F0fiR5na5KQ2LkzoJpf6pas+WReuSSf00c6ip3agMswDgsWGaEtZGD\n/8bqWDwxWICCV8v3zKjpf7EJehoUCEAfcuO9hWOPLfy7BTIEkJbynchrTcrnkvKe\ndN+FouGhZue3EjKxa+qePFsP4d9ZmxkUI2t7ShEnFJ06iSRZcZpb6XmVQacTP8iI\nF2PVY8X+Hw6u3oZbaOZvkCM0SyUxdrxkU+birffk9fUQRYmhuKTOGsqaRi/1h/lY\ncx9xR2qyAoUFqsQycrjdIQ==6OS7u6et+Az3lUXCScFoqC5hB8R9nY98q1sgPXbxFcTUQGK4GEdB0B1MW7T/xAki\nPoQyVAREB6mEnCrL5zQQMaJ4VlQqB6xgmQlAY2la4LHmTkhb4IRRKxzkLxqMPrVH\n5m+xZaMbc0dRL5Ahs8YNiLEHBUsZ+0lMA9Dsygz752Z0Q0G43CX89k8UQK1bHBMm\ntAp3aCYG6k0e1mc0XvAFGIixFYKz6F9xRamDcK49zB96Apw0s7jC3ZLdkWD+aLxK\nrxg8EzoMfFIJDK632QEWw8RZr6QX8411DXxYI0jY+5L6FUfJvpgI5fxctk5F7PxI\nqIeU5ekbpfHUJeOErpEKoIv+x4vt/y8TRZxgdFgXRSYuFGSxTjRTt/ZFcsZa1oaa\n7cNMMa5JIs9WNUKxAMrhNf6JxnEs+ndszgD9KZLJQDsS3EYieXdGZg7B26zVIKEJ\nQawQIgMWi2sVGSlFyaBJ+gfEnseN4+eZiisB8HvHeEkls7Hk9oX5JeVM8J9AvOY9\n4CBgc0Fius8oVTGS2LLiCF1EWQJzNq6BEovjOYJvjFo+Ui7VBNNLCCRVpne1gFIh\n6rSErGPzFR2NzBBq/4KdjHxr/N0ECLKzHzA6QcONObKQPdKaJZe3tcFiP9xxQzpX\nv63vr+oN2AhSFBZBh3LEVjaWg4pLfNyRNRiM8EMZa1esWjOI2HsWBvezEkW8CBet\nTdI2w7tV+sZu9NS9QXV4yz8kQ0johcNd3PzWZA3WePRmr+laKwu/WlrYw5ww7OYn\nbpB61UCclPg1DsKEb1+6TX/WuDtqP0G76r5ojqwIcNz1yydXu7Bjrw0TLZ6FanoW\nGih2r/cCJ/4ryGXeDDYK4MPbPmaKCFW+5xBXMhoVwpvSuMKRKGEpDCJbnlOCtT3p\ndHN5QyZ18iBhbhJmo2vwLEpC3qxBLqG7/ctmXbqTXrF7eA87Nj8olKjrq64jjB2A\nBn5lgYBDhA01U1zp8y2+CWsvoizfAXiEpLuJQKC1fDUKLsSdP51fl4o6Vfms0Prf\ngzRe3wZXKLc/PO85m5pdU/PpI96pPLyUH2qV3mPUVNC5XJTNIkejYQhHprAmt/S9\nbhviT7GQpvGVJCi/h947pjc44VDWjgh0smLFy0AoZMqvcJyoVMcvGAc9dCPxqjfo\nmmd2O/fAatpgBfXvHWprnu/TXe1OQmWDD1j6P7sBdCxvaBnPE06IQgUHCSVaWFr+\nWZ9/QoIE5eqMDRFKYste5V01tbSvZY8rXnVbHnymTYkyTF8yWGs+c1JODMEACxTQ\nH4heJWHlYN4dTs69P8NQLSKiBnelDxdPMh3tEW/rG6+0US7UnYGNoJYwMd2fcuZK\n1xJPSm9HJB0E53OWr2Ts0Sq1TO9sB9023JBM2rD/cTlBtoMESw42FVSahEYe8Wlo\nvT/kyIuMIhmYER/6Wo+uIdhiD0EDr45aR4CoKdKALvHPDh6X0NmNY0g7l40aIRQH\n6T+Z18pYWbhHScFgfCfmppiME0gSbVtxAFDhm8R7htxSx3HvdHj8C2cBl65ABgIk\nN3IGa/uHy5pz7SGfirgzP3GpHQWxR88e6U46VN7H5G/RwPhUTGJ5vbOm5E68hVC8\nzfmlTOsoSNhNV8jw8CfPEXOI0Co4g6SfVwecv0riaBmD3aJtjmzzVuq+l5f1GI0t\n+7GK/3d9YQEAH6bt/1cKYxRIBvEMZQ30kmcoKPUNerHOY0xUWDSrbwTF2N8PsYZK\nUWFLJIrhHJ7QNKch0OtlXwFNpAduxx8GPU44krE2zxuo+7/ZIK60L9R5M0cIw6Pk\ncJeRpeEO3izP/Rv0OUzXaTZD7vQZoXAOg4p8LMOAVb04S44lvb1Q9NPN5auVXenD\naGT8al2TlYRcNO2pUW++ELWkwRHelXv+1RxeSiGR3Jt60j7Ym2MtGrSJU79OKVC/\nc/d7ilfAmJ75GHcJ2mJRnE7Np1XVzaNBM+fJmKNiDaCD/7N1whA9Y6M08VVUyTEW\nty6tRVQ644EwsZD6+SSwLrVLXpZWnVOU0YkEXXjVcaIWfjoyL9D1zoKqeJm4a82I\n7ziAIjCwyZOdHpf4u0Tr/6J/3oOrXpAqBW+LdbXN4Epqm9IZ37ndQlSl6NtXnARc\n972m4xnls2i3GzpSu1QG4o5si5M97mbcr6nqRIOJUE6YUVRNQ2tbv3LOVgBX/6yK\nxLgqDoNowzg0VIYQN7aN19KcrFrvLPUHS2WZ111sWa40/yjlkJ2fEIy3agZAz7Dc\nNrYrFXvo8ZJ2ykBvtqT8zRbSF5d9leKJypN71RzabClN51R3IPjMXiiLDzMamoKS\nJnCByvD91D/jYoz3e2t5mTu7E2yL4H5DvOF0asaSr5BVgJX7a0z8jY8fmVqzWtFR\nQi9zVqQoQoBwQw8/mA48i59lDrnBx417IovOnW8mlnnggGyuCb0Pfg==' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-zduoBe77nVZgnvfwa' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpqavvatw4.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpqavvatw4.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_encrypted_signed_response_1(self): cert_str, cert_key_str = generate_cert() > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=True, encrypt_assertion=False, encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice=cert_str, ) tests/test_50_server.py:1623: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:907: in _response response = signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU2WhcNMzQxMTEyMDk0NTU2WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEArRkF1bm2GowQt7zQSm6oNcQ4KHfYHPSqqe7UhtMaqa8pQmq9AeE5HPWP\nswJuU45oG1WZknLon5By3+o8C/9SXoX28zMngxu6/QDXG67neWZfgo6yVnBR2Agw\nKNJ5tSZ5VIO099cQPh+afJx80g/Zd+ytVKsjiSgDLFSgkx2mKwRCk/UNpL9SUzgU\nCunFziaZ1AmrjbS7iCczLOn7t37DWwWr3x+Hm65AXrXOgzUROyXbA94Ip305aqQQ\nkR3ENoPs11W2ML2HDQsKwEKaF/Tpr68gtyLB7MBvSYD8Zaws45QLl3aMWpQMUxMF\nZRE4TA/+db/47SHUvmnQvJZcBdWnnwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAGaC\na1YWOUAxHhWRjEn9QWJl3SPhQr68os/GH9LEU8Ec7foJEDJXRg2o4zRheg9EHU4j\nmw2jysIGc910jeXiNb0lBnL1SA2+dfbHWo7zqKjsrmXhq7mgh1rVwSVvEqeCgGW/\ndacwrJzSLbalGUHNE7tbfQDUQfhndn8FqEmFLLMxYG5Y6ok3KvKGAk6vZrYBih3JHiWciBHX2a8sLthEhWUg6fGkLVjZgY2MN8ZzbApV\nLzDXgScUy5F0fiR5na5KQ2LkzoJpf6pas+WReuSSf00c6ip3agMswDgsWGaEtZGD\n/8bqWDwxWICCV8v3zKjpf7EJehoUCEAfcuO9hWOPLfy7BTIEkJbynchrTcrnkvKe\ndN+FouGhZue3EjKxa+qePFsP4d9ZmxkUI2t7ShEnFJ06iSRZcZpb6XmVQacTP8iI\nF2PVY8X+Hw6u3oZbaOZvkCM0SyUxdrxkU+birffk9fUQRYmhuKTOGsqaRi/1h/lY\ncx9xR2qyAoUFqsQycrjdIQ==6OS7u6et+Az3lUXCScFoqC5hB8R9nY98q1sgPXbxFcTUQGK4GEdB0B1MW7T/xAki\nPoQyVAREB6mEnCrL5zQQMaJ4VlQqB6xgmQlAY2la4LHmTkhb4IRRKxzkLxqMPrVH\n5m+xZaMbc0dRL5Ahs8YNiLEHBUsZ+0lMA9Dsygz752Z0Q0G43CX89k8UQK1bHBMm\ntAp3aCYG6k0e1mc0XvAFGIixFYKz6F9xRamDcK49zB96Apw0s7jC3ZLdkWD+aLxK\nrxg8EzoMfFIJDK632QEWw8RZr6QX8411DXxYI0jY+5L6FUfJvpgI5fxctk5F7PxI\nqIeU5ekbpfHUJeOErpEKoIv+x4vt/y8TRZxgdFgXRSYuFGSxTjRTt/ZFcsZa1oaa\n7cNMMa5JIs9WNUKxAMrhNf6JxnEs+ndszgD9KZLJQDsS3EYieXdGZg7B26zVIKEJ\nQawQIgMWi2sVGSlFyaBJ+gfEnseN4+eZiisB8HvHeEkls7Hk9oX5JeVM8J9AvOY9\n4CBgc0Fius8oVTGS2LLiCF1EWQJzNq6BEovjOYJvjFo+Ui7VBNNLCCRVpne1gFIh\n6rSErGPzFR2NzBBq/4KdjHxr/N0ECLKzHzA6QcONObKQPdKaJZe3tcFiP9xxQzpX\nv63vr+oN2AhSFBZBh3LEVjaWg4pLfNyRNRiM8EMZa1esWjOI2HsWBvezEkW8CBet\nTdI2w7tV+sZu9NS9QXV4yz8kQ0johcNd3PzWZA3WePRmr+laKwu/WlrYw5ww7OYn\nbpB61UCclPg1DsKEb1+6TX/WuDtqP0G76r5ojqwIcNz1yydXu7Bjrw0TLZ6FanoW\nGih2r/cCJ/4ryGXeDDYK4MPbPmaKCFW+5xBXMhoVwpvSuMKRKGEpDCJbnlOCtT3p\ndHN5QyZ18iBhbhJmo2vwLEpC3qxBLqG7/ctmXbqTXrF7eA87Nj8olKjrq64jjB2A\nBn5lgYBDhA01U1zp8y2+CWsvoizfAXiEpLuJQKC1fDUKLsSdP51fl4o6Vfms0Prf\ngzRe3wZXKLc/PO85m5pdU/PpI96pPLyUH2qV3mPUVNC5XJTNIkejYQhHprAmt/S9\nbhviT7GQpvGVJCi/h947pjc44VDWjgh0smLFy0AoZMqvcJyoVMcvGAc9dCPxqjfo\nmmd2O/fAatpgBfXvHWprnu/TXe1OQmWDD1j6P7sBdCxvaBnPE06IQgUHCSVaWFr+\nWZ9/QoIE5eqMDRFKYste5V01tbSvZY8rXnVbHnymTYkyTF8yWGs+c1JODMEACxTQ\nH4heJWHlYN4dTs69P8NQLSKiBnelDxdPMh3tEW/rG6+0US7UnYGNoJYwMd2fcuZK\n1xJPSm9HJB0E53OWr2Ts0Sq1TO9sB9023JBM2rD/cTlBtoMESw42FVSahEYe8Wlo\nvT/kyIuMIhmYER/6Wo+uIdhiD0EDr45aR4CoKdKALvHPDh6X0NmNY0g7l40aIRQH\n6T+Z18pYWbhHScFgfCfmppiME0gSbVtxAFDhm8R7htxSx3HvdHj8C2cBl65ABgIk\nN3IGa/uHy5pz7SGfirgzP3GpHQWxR88e6U46VN7H5G/RwPhUTGJ5vbOm5E68hVC8\nzfmlTOsoSNhNV8jw8CfPEXOI0Co4g6SfVwecv0riaBmD3aJtjmzzVuq+l5f1GI0t\n+7GK/3d9YQEAH6bt/1cKYxRIBvEMZQ30kmcoKPUNerHOY0xUWDSrbwTF2N8PsYZK\nUWFLJIrhHJ7QNKch0OtlXwFNpAduxx8GPU44krE2zxuo+7/ZIK60L9R5M0cIw6Pk\ncJeRpeEO3izP/Rv0OUzXaTZD7vQZoXAOg4p8LMOAVb04S44lvb1Q9NPN5auVXenD\naGT8al2TlYRcNO2pUW++ELWkwRHelXv+1RxeSiGR3Jt60j7Ym2MtGrSJU79OKVC/\nc/d7ilfAmJ75GHcJ2mJRnE7Np1XVzaNBM+fJmKNiDaCD/7N1whA9Y6M08VVUyTEW\nty6tRVQ644EwsZD6+SSwLrVLXpZWnVOU0YkEXXjVcaIWfjoyL9D1zoKqeJm4a82I\n7ziAIjCwyZOdHpf4u0Tr/6J/3oOrXpAqBW+LdbXN4Epqm9IZ37ndQlSl6NtXnARc\n972m4xnls2i3GzpSu1QG4o5si5M97mbcr6nqRIOJUE6YUVRNQ2tbv3LOVgBX/6yK\nxLgqDoNowzg0VIYQN7aN19KcrFrvLPUHS2WZ111sWa40/yjlkJ2fEIy3agZAz7Dc\nNrYrFXvo8ZJ2ykBvtqT8zRbSF5d9leKJypN71RzabClN51R3IPjMXiiLDzMamoKS\nJnCByvD91D/jYoz3e2t5mTu7E2yL4H5DvOF0asaSr5BVgJX7a0z8jY8fmVqzWtFR\nQi9zVqQoQoBwQw8/mA48i59lDrnBx417IovOnW8mlnnggGyuCb0Pfg==' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-zduoBe77nVZgnvfwa' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-zduoBe77nVZgnvfwa', '--output', '/tmp/tmpany64e6y.xml', '/tmp/tmpqavvatw4.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpqavvatw4.xml" output= ___________ TestServer1NonAsciiAva.test_encrypted_signed_response_2 ____________ self = statement = '\nurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=MIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==2SeunRJB9n2LSKUFzsWv1mgtbu8TmODBw6fblSh+fy+zXAzCWdjGaw1ij/AIuWeI\n8bP2yvIZeFmd5gIu0qtkk/ASPnzEa8S7iwtIulQqRMQ7ws7ZQFI/JK5sHuZ0Ib7X\ntHEWyE7u3g3gUXzxa88iaFrm+xrw2vxAGxADnK7tsQU=9/dPEXHRnODuAETUbQXu/HVbtmu4KTVXW+0AflVuEn7ZZLgTopmREiPMX9/aGncc\nuhWKak+BF4LiRTdXCFA0hLjAoLEjNl24RQRAZ0HfCbNVx3VB3bN2cYDcDkCsduMK\ns8t8ZFHQNtmXkXSBC38faPbOqbDTpM3SjJP4+suLElrR3fW9c0DxfyTyTGhj89LL\nDTqddX+e2QQtblsheeVIdou/XiH5OuIfbZcaKdJd3yaQnFBgBn1wOtguPJRV83kL\nLbmSgOtzVQ62vImniMIha9oBTAZmirePG9F7KS/7G7QDqc5Goe9uL5OHZkiOwL6C\ni7dHnkEv97hwDXXV2C0EFP1WpxKxmF1es1EtO5WpGty+hNjShk9ZsTFgciamwr5V\n38eSUeAu7WACwtenrzGOyJ26F0oLfAMP30deeBnrvIktsMdP6wkiHNCsZ8N7a7go\nAT1ngk9XOdiIXOaybgB2QBSdVzwHXJagtCxG+mGN6VV6qAdlnKkqSNpIxGBtv5zp\nbgx0XHJCiJNUKxa36AZgDG8l3lv0vXpw7ZnPk56/AtFK3vq+a064glAK3Co+6meq\nod8Z0cBdZ9Ds1DcVDvKiXS5CMpieq0m0kfXSA8gv8cIxRIwMBP/fLXRMKyFFbwmq\nsaj0GuOo62/6Ut6yoQzB5Feu7Rd9e9x35Sw6ofMjHSfUh5aigQJ+Ph3iwTdKEJMO\n3i6PAoW1Y0CquzPXmM6ps+EXyXp4wHTMUer3QlXShcxhPZECg+a324XyniSzh05p\n5FU3XCM4zuHBR0+UEnsQ1jaXs6z7fACIkqJaJLWr4eVSi9aE5HBEfLg5P5VIclv6\nkVZfRP6BFso3HbzkrWG/smJd4CTJOHhhENJtu09pP3reYEUF7KFguUOrlmEW/4Fl\nTTWxe1Wjf1JHlAVP8LUva/D7x6knf0w8AaxS/xthCzGkCb8SitMESG46lGSEE94J\n8QLMjXZo8Ef6lAyXL5hJK7gqcoQqkbMP+mvTwv76D5a9M/GScauOwReO2u2J66mm\nXfvVofqt4K9qmclikPkSaOL8B2LhYf9bZDAlomFDsE7TiWtWjz4vEKK3XxsD685N\n6sP4Apa5s6wrhMPxH2PqVESHszCAgSvJyR7Iwlgy1tb3Er4lz7iIW9JHOoi3J8mH\nBaGI3+GOFDDOCa/aXivSNpnsztNB5VVXIj7jWcV7TADW+7eBCIK9uRQ2vx86jNZf\ndmCUpozTA2XYSkxD2+hoCvZQppt5Lbcxa9vc3tjCr6SfAd0nj1y1V+NZ5/jSjDLQ\nm8PGfcOEAO4QIqnv+TiI9D/eV0iSZfu3AVJkNYNnlLK+JPRalWZCEPrOp2/xm/hn\nDQ+vat5Z+6T81wJWvfRAYeL1wJvs0PEQx+LmFSUxsOEazvAtW+AbzqM2BfVaRsS5\ntRt6T4wSXW/x6mErpKXtNPz329DbApX2yn9VlUlUA5J30eNhji5BGQofm2b/9AtS\nLnMDSJi5PKFRFRwHSd6Ly1mSxDWgX0zDpiIToHZkVCGqG17vK5qDLeTP/B2R9Qyg\nklAGXVok98tfLXzfbaCpzffvwVixlkMhZFLqK9e9RhCkSrwtnRSPQk19ARuQ6NpP\nTjLzTbzV+1Jpr5D7iz1LhlgzlhzTTKeM9fzWhn1xaeJF2Jn5086d3aMQWbBlCNzM\neQ3wKSQohHjYnqdkCZehCZVaO42pTzJm1QLwH9+wvLMKuUuZTzoV8hCiHCkwrVpd\nTVPcAp8SMheQCKsWNuAOrDEwlpoAZai8hccPMzbs4hewB+BtfUjWD6NQojABu7tK\ncoFGTEMBdC3X9Mz3EpOCUYD6PqSW51NQTsz42pQWE1+C/lBtMj9EPAThVLCpmTEL\nHc60a0R5i2MRaXkbhUhVO7KSpWBArHJ6SFK1JmRtIHj/IBzTkHadoQQdppJJ8ZEx\nHLZ++8YUsfiGOYsiFWaj3UQFu13zp+OZgkt4aoI7hq7lzCE+aSt/4m7PiDmYDhh7\ntLtaQnIxUlnGmhi6BYUYthD1mG3pQrhwVWl3IFFfYKC5p0WMVpgmHR9VAwIs0QRF\nJpi0zaJNTF1CBTuAQbrGyzrVq0w7RUWQJhMiQxkiexSait0bHY7JLg+BxdXJzl1d\nEHfMAUmuDBSa2PDxSKEhOT0XRsu1W5PTH9zBrgdEMD6rFf4vCwcmlInjCeoSyy9a\nfAnPf649e7BMBTBm45dg6gJtwYefSkVfF9iYIZd7LpdnqtMCKrMP1i3ps3JuPrJK\nqZRQZekv9oRAki93bttirWmzo/uRtge1SD/qhbbWTWuWvJJGv5NFgH9aR38trJU4\nb6/rQgvo+cuPhVBBw5Mej9wZybV5oz8ojJbj8vEYRa/i8kt+4fh2u9eYQxu1LUe1\nFqYsEzdI2WspdZluoGyzScdOu/p4BUqOjl8yO3OH/nxWQ5c/iR7MZzgrP0fgiRMp\nLxTp21g3XeLkVLzimIAxbkxQb2PvDgNZ6OEhldeJwuXrahIG4/vp48VjBM2qxTEs\n7PATyi3tF0zSIlr/BNZXiJi25Z9PLJ3IPTwYPq+OSN1yzrbLS7qFxcOB9nPrxqBM\n4RW9yMPTgps3/QmPL6F1Z2DSTaADT+vYbiT9ktHuIhXRS6iH1uyBg+3U22bCN15Q\n+c90dHvcvh3PWuB2SYMy9PrA4T/9IqHIPsJlLgT4n8CM5ApuPvWRKnEZzuBIb9nL\n1w3qvtxhvDllQuRtNF1gVDUYHmfDJ78RHE2rCOYjRoaYkHV1vA6Jh4AENPlHMkMS\nB6+A07GrdbJJQjpGPLZaAeL8ZCmhwAxDNn5IR1XJ94mRAXJqylXxzpe5LXOCoP2R\neo0A3rU5ASuWWL7xT9/TohUOWjr6iHizZwi510JeSCuYKxMvWRqvhvSiaFBslGI9\nE0Q791E8vvvsuc75u00jTMV0O4Kq7qMXwkJIXw+yGpzOMpqZt884jQ==\n' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-LAPwP5soJp6W3SUPc' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', ...] extra_args = ['/tmp/tmpygt_6dp3.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpygt_6dp3.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_encrypted_signed_response_2(self): cert_str, cert_key_str = generate_cert() > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, ) tests/test_50_server.py:1681: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:912: in _response return signed_instance_factory(response, self.sec, sign_class) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = '\nurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=MIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==2SeunRJB9n2LSKUFzsWv1mgtbu8TmODBw6fblSh+fy+zXAzCWdjGaw1ij/AIuWeI\n8bP2yvIZeFmd5gIu0qtkk/ASPnzEa8S7iwtIulQqRMQ7ws7ZQFI/JK5sHuZ0Ib7X\ntHEWyE7u3g3gUXzxa88iaFrm+xrw2vxAGxADnK7tsQU=9/dPEXHRnODuAETUbQXu/HVbtmu4KTVXW+0AflVuEn7ZZLgTopmREiPMX9/aGncc\nuhWKak+BF4LiRTdXCFA0hLjAoLEjNl24RQRAZ0HfCbNVx3VB3bN2cYDcDkCsduMK\ns8t8ZFHQNtmXkXSBC38faPbOqbDTpM3SjJP4+suLElrR3fW9c0DxfyTyTGhj89LL\nDTqddX+e2QQtblsheeVIdou/XiH5OuIfbZcaKdJd3yaQnFBgBn1wOtguPJRV83kL\nLbmSgOtzVQ62vImniMIha9oBTAZmirePG9F7KS/7G7QDqc5Goe9uL5OHZkiOwL6C\ni7dHnkEv97hwDXXV2C0EFP1WpxKxmF1es1EtO5WpGty+hNjShk9ZsTFgciamwr5V\n38eSUeAu7WACwtenrzGOyJ26F0oLfAMP30deeBnrvIktsMdP6wkiHNCsZ8N7a7go\nAT1ngk9XOdiIXOaybgB2QBSdVzwHXJagtCxG+mGN6VV6qAdlnKkqSNpIxGBtv5zp\nbgx0XHJCiJNUKxa36AZgDG8l3lv0vXpw7ZnPk56/AtFK3vq+a064glAK3Co+6meq\nod8Z0cBdZ9Ds1DcVDvKiXS5CMpieq0m0kfXSA8gv8cIxRIwMBP/fLXRMKyFFbwmq\nsaj0GuOo62/6Ut6yoQzB5Feu7Rd9e9x35Sw6ofMjHSfUh5aigQJ+Ph3iwTdKEJMO\n3i6PAoW1Y0CquzPXmM6ps+EXyXp4wHTMUer3QlXShcxhPZECg+a324XyniSzh05p\n5FU3XCM4zuHBR0+UEnsQ1jaXs6z7fACIkqJaJLWr4eVSi9aE5HBEfLg5P5VIclv6\nkVZfRP6BFso3HbzkrWG/smJd4CTJOHhhENJtu09pP3reYEUF7KFguUOrlmEW/4Fl\nTTWxe1Wjf1JHlAVP8LUva/D7x6knf0w8AaxS/xthCzGkCb8SitMESG46lGSEE94J\n8QLMjXZo8Ef6lAyXL5hJK7gqcoQqkbMP+mvTwv76D5a9M/GScauOwReO2u2J66mm\nXfvVofqt4K9qmclikPkSaOL8B2LhYf9bZDAlomFDsE7TiWtWjz4vEKK3XxsD685N\n6sP4Apa5s6wrhMPxH2PqVESHszCAgSvJyR7Iwlgy1tb3Er4lz7iIW9JHOoi3J8mH\nBaGI3+GOFDDOCa/aXivSNpnsztNB5VVXIj7jWcV7TADW+7eBCIK9uRQ2vx86jNZf\ndmCUpozTA2XYSkxD2+hoCvZQppt5Lbcxa9vc3tjCr6SfAd0nj1y1V+NZ5/jSjDLQ\nm8PGfcOEAO4QIqnv+TiI9D/eV0iSZfu3AVJkNYNnlLK+JPRalWZCEPrOp2/xm/hn\nDQ+vat5Z+6T81wJWvfRAYeL1wJvs0PEQx+LmFSUxsOEazvAtW+AbzqM2BfVaRsS5\ntRt6T4wSXW/x6mErpKXtNPz329DbApX2yn9VlUlUA5J30eNhji5BGQofm2b/9AtS\nLnMDSJi5PKFRFRwHSd6Ly1mSxDWgX0zDpiIToHZkVCGqG17vK5qDLeTP/B2R9Qyg\nklAGXVok98tfLXzfbaCpzffvwVixlkMhZFLqK9e9RhCkSrwtnRSPQk19ARuQ6NpP\nTjLzTbzV+1Jpr5D7iz1LhlgzlhzTTKeM9fzWhn1xaeJF2Jn5086d3aMQWbBlCNzM\neQ3wKSQohHjYnqdkCZehCZVaO42pTzJm1QLwH9+wvLMKuUuZTzoV8hCiHCkwrVpd\nTVPcAp8SMheQCKsWNuAOrDEwlpoAZai8hccPMzbs4hewB+BtfUjWD6NQojABu7tK\ncoFGTEMBdC3X9Mz3EpOCUYD6PqSW51NQTsz42pQWE1+C/lBtMj9EPAThVLCpmTEL\nHc60a0R5i2MRaXkbhUhVO7KSpWBArHJ6SFK1JmRtIHj/IBzTkHadoQQdppJJ8ZEx\nHLZ++8YUsfiGOYsiFWaj3UQFu13zp+OZgkt4aoI7hq7lzCE+aSt/4m7PiDmYDhh7\ntLtaQnIxUlnGmhi6BYUYthD1mG3pQrhwVWl3IFFfYKC5p0WMVpgmHR9VAwIs0QRF\nJpi0zaJNTF1CBTuAQbrGyzrVq0w7RUWQJhMiQxkiexSait0bHY7JLg+BxdXJzl1d\nEHfMAUmuDBSa2PDxSKEhOT0XRsu1W5PTH9zBrgdEMD6rFf4vCwcmlInjCeoSyy9a\nfAnPf649e7BMBTBm45dg6gJtwYefSkVfF9iYIZd7LpdnqtMCKrMP1i3ps3JuPrJK\nqZRQZekv9oRAki93bttirWmzo/uRtge1SD/qhbbWTWuWvJJGv5NFgH9aR38trJU4\nb6/rQgvo+cuPhVBBw5Mej9wZybV5oz8ojJbj8vEYRa/i8kt+4fh2u9eYQxu1LUe1\nFqYsEzdI2WspdZluoGyzScdOu/p4BUqOjl8yO3OH/nxWQ5c/iR7MZzgrP0fgiRMp\nLxTp21g3XeLkVLzimIAxbkxQb2PvDgNZ6OEhldeJwuXrahIG4/vp48VjBM2qxTEs\n7PATyi3tF0zSIlr/BNZXiJi25Z9PLJ3IPTwYPq+OSN1yzrbLS7qFxcOB9nPrxqBM\n4RW9yMPTgps3/QmPL6F1Z2DSTaADT+vYbiT9ktHuIhXRS6iH1uyBg+3U22bCN15Q\n+c90dHvcvh3PWuB2SYMy9PrA4T/9IqHIPsJlLgT4n8CM5ApuPvWRKnEZzuBIb9nL\n1w3qvtxhvDllQuRtNF1gVDUYHmfDJ78RHE2rCOYjRoaYkHV1vA6Jh4AENPlHMkMS\nB6+A07GrdbJJQjpGPLZaAeL8ZCmhwAxDNn5IR1XJ94mRAXJqylXxzpe5LXOCoP2R\neo0A3rU5ASuWWL7xT9/TohUOWjr6iHizZwi510JeSCuYKxMvWRqvhvSiaFBslGI9\nE0Q791E8vvvsuc75u00jTMV0O4Kq7qMXwkJIXw+yGpzOMpqZt884jQ==\n' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-LAPwP5soJp6W3SUPc' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-LAPwP5soJp6W3SUPc', '--output', '/tmp/tmpnxpjd61s.xml', '/tmp/tmpygt_6dp3.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpygt_6dp3.xml" output= ___________ TestServer1NonAsciiAva.test_encrypted_signed_response_3 ____________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spDaveConcepci\xc3\xb3ndave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-6E7KMc1eRhpUASjO5' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp6aurqc9d.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp6aurqc9d.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_encrypted_signed_response_3(self): cert_str, cert_key_str = generate_cert() > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=False, encrypt_cert_assertion=cert_str, ) tests/test_50_server.py:1726: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spDaveConcepci\xc3\xb3ndave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-6E7KMc1eRhpUASjO5' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-6E7KMc1eRhpUASjO5', '--output', '/tmp/tmp6qgprldo.xml', '/tmp/tmp6aurqc9d.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp6aurqc9d.xml" output= ___________ TestServer1NonAsciiAva.test_encrypted_signed_response_4 ____________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU3WhcNMzQxMTEyMDk0NTU3WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAs6EfIRRCB2MavxPEjC1pgAHATh1sIffHC3WzrFvyk6USmioXTpTCoqVv\nEXOaxSgPXxMweC/AYS30JyNGqIev5xnvoGaBmwWAqd//C1oPV62z1zuCXvy0sU5v\nJnJY6QgXVRsdR3JDeYh7bie19etcscotaSj6IKjizx1kFOMMsu+RZU6E72/FDFu0\nuGz/33S6e37B2n/Fecl7hsnRkFC+1AvSCuP2P9ubFA9DvA3I3IUc/1cmoWN4VGKq\nUxQKJzdeDw1zq/DK6ndlfnYyjqNELoQT/OGE8o6hgcDB0qh5v6KNJ7lgWq0vgWh4\nbnxXKDpM4lpiMrjJNd0Hrm4r/WVUUwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAFTl\nbF3MHM1lQRyK74zZwORZBjEi0qNk949nWI5iOgkLSbNotknv7ECnSazX4qBZSYmb\nY548LNIwOZzReKmVzy8quOIhxB5facuyNM1+alvg9ys3r7/4yQcYsuFX0PeHq7fK\nOmpZbZL4uNhK4HyreczbXkbg7O6EXAm9ABR1HRd3bjrJnKduRRfhGhjnoTs56aphSfm0zhu8yz+lqlWbw6ZysmrKVli3zvSJimB2ky7L\nT/Gs9UG5oo1bzDITC6PExlCIYMaM+vHrRnARQ5mP/O1Y/0f7WSedhcY7D99kLm1B\nZUOz23sGy5ULyjKUB13XhmAahPEPskfN1c9vAPDPtMo4JM8uIInW9lxhdAMn37Gv\nB1Zv/hI7SMCaoGiUeb5Crh/LwpMXE8EPg7sFcEcxL64Y+J9GQI9qIvcPBBjfCKr3\nK9AulWUzoOPKFlqpptEdfSmwOJwudAS3X6fMOLhFF7ThvsLLhETFAeXR8iAXYXwc\nD/LL5AddfmYutVuA6+FXmA==jhsGOuaHjWZp7JsZeSvh6x6/GbqxUAoZOxTZNJwW2T0PqXimpBg7M21BcX8bcSLk\nOEs5EdsEeethPCyl0C9oih2eDx17ELkJnxn4Ud34zyTC2GSx2Pee/ghdu1w4ReAp\nTXeQt+3nEmgf/vN9f0elQMvzTEV2SUFgrkyKEbR7MhyH/s8kDo2mStozJp5nvsea\nsTCU192oNjnO1+1h/cHixZk93xVYmdSpPHd+S1MnsylNLUPYZGRWtjdJnv8ZGx72\nQh3WTdSQt6wp2Iq/Fbs/bnunZMmxcLoCaNdFHRcFqoyjQdyveCW1gwKjBCVkjH0q\nv/sTJBIJOH1SjqL4C4EFRTf6fmxngHnvW6JgEzIIlegvwG4rYDLBbC1yX/UVV550\ncsnvlaD0kaGKkeJkK767mSXDci3sbojq+CBRbq3T/e66iWiH4iMfvLyWPMH+qbXU\nwYcmG2Yy3iSpy8xQkVVOr/mb8c88kUDSNN/9AxfTXhfqMCQ6eNZ7yn6s1XpN5QO7\naFt0eGQyP82YN8ib3v7gqoX9vu3gH1d8Be7W80+zqeTgcRDl2FWX1IgYb19JkVND\nOxsFJPs6XBjM9BsX+sSa0oZIUko0/hLzb3pplmtS6YlnZ2IwIzuYGCtDkaJG/PVX\nSRDBAx6Izd7xdaAhFWiHME5VhTWSQdisM4Tkl0g/TU7peBN80zqc1b06SY1GhKui\nAXNXz3lLerTlEvDma3rCo/+5YKQ0uPkoEhGiHBRzPo+kj4fhDjw0m2Av9OXUpxae\nWkYHr58+HqV+sObeu4+Hrw2a7uiI7n63rKs2GVlss7qGvI66ShHWs5mmvZQF6EoF\nRvPovbG7dHBxurkiQQrgqGYcmo0ZFuS8uZmAmfIGXUOMZVfufu5yPV8B7Q1ui9li\nx82Knyn3dFLCbeSpu9XYSnVLaelm+jjkPzqr7nm4sAA6ts+G1bW63+gF6+jh4QlA\naQe15nHiZbk6FKYtsGI4MLkNoriM33Xkj13kGhm3rVGzQNmno0PTHh+oUDqWEPpV\nByKtCfDa3dLZqIyBjpX6X7UvkNM6Faqfpcb+rpp9cqITVcHatedbqM34HxqFnb0m\nnXng2G0ubW8RUPHrL6JIYuDw5vtVdgh+5t2L98doLBVkC22ixtdcUQulDFeNl6cR\nZeoRCoAOxhJTZATy+T/CQvQ92nIBkOdTCgN/sen2fZJYa+lw731ASbtvFi5Y6RG2\nZAsrMo+lzf2WAwTov8u6pznfcY7ae4dW6CG/Z1ij+uBV9jXS/tzqSMBeZiVYA3qW\ng1i0l41FUKHGnw211aUPvmPJmFI/L+h+u7gOlJSFtgwyTaij2+i2/qhdeHEineuR\nTVJJ+LlVjydEj+mg/Iz29vDBrBxbLsvf0P5jyiSS9zbUpYJEUySgzahJyDVgqOyU\n2GJoT8BoO/QDbrrlrV3+MZDaqOl70U9MmmDGx21unf95C7hSziv3UhqxlLCMr4BU\ngLkp7XGrFvI4RvGMzB0CbgK9Gai/lmDrxvT6RqyzCOQmSj9Hb4tmBA1eZD5IcIwA\nMAMgXESziVcjep/vfyGJLTjRNpDnCWq8DcDnBH4nnYpmcuv1tEmtrpzYQgb41iLV\nYIpsWYcdeiDVkIynV7XkDJK8A9WWa9dVPENv3cBoTyNvwVbK7xAZzModrTEBdQSh\nKPhm+ksgHfj4+N/nE/bzbxcJnUtxzsxqdoFLwpC89aAfngp1gimoGEz767bAuMt6\nRFXc4lT9wNL56QKckDLIPIByS679gFd8GCMooNGXwApmkCUhIDyvu8iGYqsdg19m\nQqfOyNZTB1rBWbc4XhcN1Aqioc1LJKWKbGrBnhzWtdLCpYhzzMZWlsY/tSniHRO7\ny4QKsxckFD/aVlCOP3RUsv59H9wwFO+Ql30y+8OOCCKeIl8peAOz/beVOyUqAbmw\nlk7Ug4/jJjJdNaosfg/0ey2w52rgvxeDGv3mH6x5VQvkpP7ys3M4/ib+OOa2PsDI\nk7F6mCHM/DO87bn406ikZfm+LiilQvhSuwxzA1wT5wHzXn4Po7QnZ02jOikLXZXN\n9OR5Me9/p6UTkloeRx6X7sesEUEJEz5SoKO+1CaqIFt/fv74HO2jZil1K/hPLjEo\ndkReONkW4N0KGAe6bErc7oggzNoG1PrhVI4PhSpAH1Eal0BtRQwUzGfr64kn11A4\nE5A2QHg5tEFUPtj6IJBKau4QNxw/WItSNa9RfWw07b/keOn89L3m2CTmTt2fDWH9\nZQkSykLuqHF/Otd2UfhcC6oQwhf9q917LvuSFr4ZGUzGG2y/oNVh2jq7hU0DJDPv\n0gZZHQoTAKHaq7o4kVzootQ+mFD8kFa18++g9W+EUrOlxPp1ds9uHGBNOCqsNB6B\n6o4tQgUvYGkf6GaK3CkyG1Ut2XkxbVgKYjtRqSKCcM6Mzy5a3hWu0g==' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-gUt0T1RM0KClBqjjb' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpqd0mfhbf.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpqd0mfhbf.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_encrypted_signed_response_4(self): cert_str, cert_key_str = generate_cert() > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice=cert_str, ) tests/test_50_server.py:1773: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=75e39a4d177e6b154abb793ddab97670434f37c28a1919f83dfa8fe07099794curn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU3WhcNMzQxMTEyMDk0NTU3WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAs6EfIRRCB2MavxPEjC1pgAHATh1sIffHC3WzrFvyk6USmioXTpTCoqVv\nEXOaxSgPXxMweC/AYS30JyNGqIev5xnvoGaBmwWAqd//C1oPV62z1zuCXvy0sU5v\nJnJY6QgXVRsdR3JDeYh7bie19etcscotaSj6IKjizx1kFOMMsu+RZU6E72/FDFu0\nuGz/33S6e37B2n/Fecl7hsnRkFC+1AvSCuP2P9ubFA9DvA3I3IUc/1cmoWN4VGKq\nUxQKJzdeDw1zq/DK6ndlfnYyjqNELoQT/OGE8o6hgcDB0qh5v6KNJ7lgWq0vgWh4\nbnxXKDpM4lpiMrjJNd0Hrm4r/WVUUwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAFTl\nbF3MHM1lQRyK74zZwORZBjEi0qNk949nWI5iOgkLSbNotknv7ECnSazX4qBZSYmb\nY548LNIwOZzReKmVzy8quOIhxB5facuyNM1+alvg9ys3r7/4yQcYsuFX0PeHq7fK\nOmpZbZL4uNhK4HyreczbXkbg7O6EXAm9ABR1HRd3bjrJnKduRRfhGhjnoTs56aphSfm0zhu8yz+lqlWbw6ZysmrKVli3zvSJimB2ky7L\nT/Gs9UG5oo1bzDITC6PExlCIYMaM+vHrRnARQ5mP/O1Y/0f7WSedhcY7D99kLm1B\nZUOz23sGy5ULyjKUB13XhmAahPEPskfN1c9vAPDPtMo4JM8uIInW9lxhdAMn37Gv\nB1Zv/hI7SMCaoGiUeb5Crh/LwpMXE8EPg7sFcEcxL64Y+J9GQI9qIvcPBBjfCKr3\nK9AulWUzoOPKFlqpptEdfSmwOJwudAS3X6fMOLhFF7ThvsLLhETFAeXR8iAXYXwc\nD/LL5AddfmYutVuA6+FXmA==jhsGOuaHjWZp7JsZeSvh6x6/GbqxUAoZOxTZNJwW2T0PqXimpBg7M21BcX8bcSLk\nOEs5EdsEeethPCyl0C9oih2eDx17ELkJnxn4Ud34zyTC2GSx2Pee/ghdu1w4ReAp\nTXeQt+3nEmgf/vN9f0elQMvzTEV2SUFgrkyKEbR7MhyH/s8kDo2mStozJp5nvsea\nsTCU192oNjnO1+1h/cHixZk93xVYmdSpPHd+S1MnsylNLUPYZGRWtjdJnv8ZGx72\nQh3WTdSQt6wp2Iq/Fbs/bnunZMmxcLoCaNdFHRcFqoyjQdyveCW1gwKjBCVkjH0q\nv/sTJBIJOH1SjqL4C4EFRTf6fmxngHnvW6JgEzIIlegvwG4rYDLBbC1yX/UVV550\ncsnvlaD0kaGKkeJkK767mSXDci3sbojq+CBRbq3T/e66iWiH4iMfvLyWPMH+qbXU\nwYcmG2Yy3iSpy8xQkVVOr/mb8c88kUDSNN/9AxfTXhfqMCQ6eNZ7yn6s1XpN5QO7\naFt0eGQyP82YN8ib3v7gqoX9vu3gH1d8Be7W80+zqeTgcRDl2FWX1IgYb19JkVND\nOxsFJPs6XBjM9BsX+sSa0oZIUko0/hLzb3pplmtS6YlnZ2IwIzuYGCtDkaJG/PVX\nSRDBAx6Izd7xdaAhFWiHME5VhTWSQdisM4Tkl0g/TU7peBN80zqc1b06SY1GhKui\nAXNXz3lLerTlEvDma3rCo/+5YKQ0uPkoEhGiHBRzPo+kj4fhDjw0m2Av9OXUpxae\nWkYHr58+HqV+sObeu4+Hrw2a7uiI7n63rKs2GVlss7qGvI66ShHWs5mmvZQF6EoF\nRvPovbG7dHBxurkiQQrgqGYcmo0ZFuS8uZmAmfIGXUOMZVfufu5yPV8B7Q1ui9li\nx82Knyn3dFLCbeSpu9XYSnVLaelm+jjkPzqr7nm4sAA6ts+G1bW63+gF6+jh4QlA\naQe15nHiZbk6FKYtsGI4MLkNoriM33Xkj13kGhm3rVGzQNmno0PTHh+oUDqWEPpV\nByKtCfDa3dLZqIyBjpX6X7UvkNM6Faqfpcb+rpp9cqITVcHatedbqM34HxqFnb0m\nnXng2G0ubW8RUPHrL6JIYuDw5vtVdgh+5t2L98doLBVkC22ixtdcUQulDFeNl6cR\nZeoRCoAOxhJTZATy+T/CQvQ92nIBkOdTCgN/sen2fZJYa+lw731ASbtvFi5Y6RG2\nZAsrMo+lzf2WAwTov8u6pznfcY7ae4dW6CG/Z1ij+uBV9jXS/tzqSMBeZiVYA3qW\ng1i0l41FUKHGnw211aUPvmPJmFI/L+h+u7gOlJSFtgwyTaij2+i2/qhdeHEineuR\nTVJJ+LlVjydEj+mg/Iz29vDBrBxbLsvf0P5jyiSS9zbUpYJEUySgzahJyDVgqOyU\n2GJoT8BoO/QDbrrlrV3+MZDaqOl70U9MmmDGx21unf95C7hSziv3UhqxlLCMr4BU\ngLkp7XGrFvI4RvGMzB0CbgK9Gai/lmDrxvT6RqyzCOQmSj9Hb4tmBA1eZD5IcIwA\nMAMgXESziVcjep/vfyGJLTjRNpDnCWq8DcDnBH4nnYpmcuv1tEmtrpzYQgb41iLV\nYIpsWYcdeiDVkIynV7XkDJK8A9WWa9dVPENv3cBoTyNvwVbK7xAZzModrTEBdQSh\nKPhm+ksgHfj4+N/nE/bzbxcJnUtxzsxqdoFLwpC89aAfngp1gimoGEz767bAuMt6\nRFXc4lT9wNL56QKckDLIPIByS679gFd8GCMooNGXwApmkCUhIDyvu8iGYqsdg19m\nQqfOyNZTB1rBWbc4XhcN1Aqioc1LJKWKbGrBnhzWtdLCpYhzzMZWlsY/tSniHRO7\ny4QKsxckFD/aVlCOP3RUsv59H9wwFO+Ql30y+8OOCCKeIl8peAOz/beVOyUqAbmw\nlk7Ug4/jJjJdNaosfg/0ey2w52rgvxeDGv3mH6x5VQvkpP7ys3M4/ib+OOa2PsDI\nk7F6mCHM/DO87bn406ikZfm+LiilQvhSuwxzA1wT5wHzXn4Po7QnZ02jOikLXZXN\n9OR5Me9/p6UTkloeRx6X7sesEUEJEz5SoKO+1CaqIFt/fv74HO2jZil1K/hPLjEo\ndkReONkW4N0KGAe6bErc7oggzNoG1PrhVI4PhSpAH1Eal0BtRQwUzGfr64kn11A4\nE5A2QHg5tEFUPtj6IJBKau4QNxw/WItSNa9RfWw07b/keOn89L3m2CTmTt2fDWH9\nZQkSykLuqHF/Otd2UfhcC6oQwhf9q917LvuSFr4ZGUzGG2y/oNVh2jq7hU0DJDPv\n0gZZHQoTAKHaq7o4kVzootQ+mFD8kFa18++g9W+EUrOlxPp1ds9uHGBNOCqsNB6B\n6o4tQgUvYGkf6GaK3CkyG1Ut2XkxbVgKYjtRqSKCcM6Mzy5a3hWu0g==' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-gUt0T1RM0KClBqjjb' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-gUt0T1RM0KClBqjjb', '--output', '/tmp/tmpmkmh_g6o.xml', '/tmp/tmpqd0mfhbf.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpqd0mfhbf.xml" output= _____________________ TestClient.test_sign_auth_request_0 ______________________ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id1' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest', ...] extra_args = ['/tmp/tmp1gbdke84.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp1gbdke84.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_auth_request_0(self): > req_id, areq = self.client.create_authn_request("http://www.example.com/sso", sign=True, message_id="id1") tests/test_51_client.py:396: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/client_base.py:445: in create_authn_request msg = self._message( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:588: in _message signed_req = self.sign( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id1' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest', '--node-id', 'id1', '--output', '/tmp/tmpcglqf0gl.xml', '/tmp/tmp1gbdke84.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp1gbdke84.xml" output= _______________________ TestClient.test_logout_response ________________________ self = def test_logout_response(self): req_id, req = self.server.create_logout_request( "http://localhost:8088/slo", "urn:mace:example.com:saml:roland:sp", name_id=nid, reason="Tired", expire=in_a_while(minutes=15), session_indexes=["_foo"], ) info = self.client.apply_binding(BINDING_HTTP_POST, req, destination="", relay_state="relay2") _dic_info = unpack_form(info["data"], "SAMLRequest") samlreq = _dic_info["SAMLRequest"] > resphttp = self.client.handle_logout_request(samlreq, nid, BINDING_HTTP_POST) tests/test_51_client.py:429: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = request = 'PG5zMDpMb2dvdXRSZXF1ZXN0IHhtbG5zOm5zMD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iaWQteU8zR0dDMHFGRG0xWW1ydHciIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDI0LTExLTE0VDA5OjQ1OjU4WiIgRGVzdGluYXRpb249Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4OC9zbG8iIFJlYXNvbj0iVGlyZWQiIE5vdE9uT3JBZnRlcj0iMjAyNC0xMS0xNFQxMDowMDo1OFoiPjxzYW1sOklzc3VlciBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OmVudGl0eSI+dXJuOm1hY2U6ZXhhbXBsZS5jb206c2FtbDpyb2xhbmQ6aWRwPC9zYW1sOklzc3Vlcj48c2FtbDpOYW1lSUQgTmFtZVF1YWxpZmllcj0iZm9vIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnRyYW5zaWVudCI+MTIzNDU2PC9zYW1sOk5hbWVJRD48bnMwOlNlc3Npb25JbmRleD5fZm9vPC9uczA6U2Vzc2lvbkluZGV4PjwvbnMwOkxvZ291dFJlcXVlc3Q+' name_id = binding = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', sign = True sign_alg = None, digest_alg = None, relay_state = None, sigalg = None signature = None def handle_logout_request( self, request, name_id, binding, sign=None, sign_alg=None, digest_alg=None, relay_state=None, sigalg=None, signature=None, ): """ Deal with a LogoutRequest :param request: The request as text string :param name_id: The id of the current user :param binding: Which binding the message came in over :param sign: Whether the response will be signed or not :param sign_alg: The signing algorithm for the response :param digest_alg: The digest algorithm for the the response :param relay_state: The relay state of the request :param sigalg: The SigAlg query param of the request :param signature: The Signature query param of the request :return: Keyword arguments which can be used to send the response what's returned follow different patterns for different bindings. If the binding is BINDIND_SOAP, what is returned looks like this:: { "data": "url": "", 'headers': [('content-type', 'application/soap+xml')] 'method': "POST } """ logger.debug("logout request: %s", request) _req = self.parse_logout_request( xmlstr=request, binding=binding, relay_state=relay_state, sigalg=sigalg, signature=signature, ) if _req.message.name_id == name_id: try: if self.local_logout(name_id): status = success_status_factory() else: status = status_message_factory("Server error", STATUS_REQUEST_DENIED) except KeyError: status = status_message_factory("Server error", STATUS_REQUEST_DENIED) else: status = status_message_factory("Wrong user", STATUS_UNKNOWN_PRINCIPAL) response_bindings = { BINDING_SOAP: [BINDING_SOAP], BINDING_HTTP_POST: [BINDING_HTTP_POST, BINDING_HTTP_REDIRECT], BINDING_HTTP_REDIRECT: [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST], }.get(binding, []) for response_binding in response_bindings: sign = sign if sign is not None else self.logout_responses_signed sign_redirect = sign and response_binding == BINDING_HTTP_REDIRECT sign_post = sign and not sign_redirect try: response = self.create_logout_response( _req.message, bindings=[response_binding], status=status, sign=sign_post, sign_alg=sign_alg, digest_alg=digest_alg, ) rinfo = self.response_args(_req.message, [response_binding]) return self.apply_binding( rinfo["binding"], response, rinfo["destination"], relay_state, response=True, sign=sign_redirect, sigalg=sign_alg, ) except Exception: continue log_ctx = { "message": "No supported bindings found to create LogoutResponse", "issuer": _req.issuer.text, "response_bindings": response_bindings, } > raise SAMLError(log_ctx) E saml2.SAMLError: {'message': 'No supported bindings found to create LogoutResponse', 'issuer': 'urn:mace:example.com:saml:roland:idp', 'response_bindings': ['urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect']} ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/client.py:733: SAMLError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmprb389scs.xml" output= ERROR saml2.mdstore:mdstore.py:1184 Unsupported binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect (urn:mace:example.com:saml:roland:idp) ERROR saml2.entity:entity.py:352 Failed to find consumer URL: urn:mace:example.com:saml:roland:idp, ['urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'], idpsso __________________________ TestClient.test_response_1 __________________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idp8c6a5405d22fa41281687e38f4615fdb41a8a8ac3355ef38e478b3997ef59b90urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-8n8zkRsWwpnmHcBJ8' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', ...] extra_args = ['/tmp/tmp5cujdgje.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp5cujdgje.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_1(self): IDP = "urn:mace:example.com:saml:roland:idp" ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": ["The man"]} nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id_policy=nameid_policy, sign_response=True, userid="foba0001@example.com", authn=AUTHN, ) tests/test_51_client.py:469: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:918: in _response return self.sign(response, to_sign=to_sign, sign_alg=sign_alg, digest_alg=digest_alg) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idp8c6a5405d22fa41281687e38f4615fdb41a8a8ac3355ef38e478b3997ef59b90urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-8n8zkRsWwpnmHcBJ8' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-8n8zkRsWwpnmHcBJ8', '--output', '/tmp/tmpw3vx_iq_.xml', '/tmp/tmp5cujdgje.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp5cujdgje.xml" output= __________________________ TestClient.test_response_2 __________________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=100010b3fb04e9a87d4ada9def142172e0e4f96c7fa69d6e3471543ba215f8d2urn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU4WhcNMzQxMTEyMDk0NTU4WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEA3tLNfbKjzMJrqQL9ZkFVUpQj2uKtllrCrMt95/t+xIhUPecZcCnfSVIi\n20WKMl45HDaqektQ7TPq2XM8aUZyDOLrIZOpb40i6HyPiN0dUb6d1FcRLqhN3o0b\ncL1Z+fiWxATadUx5Y/iqP8844d3NHmlHXJFCpdes6vgtfg0lV1e7nNxM/EjCcQFc\n5zp//N1bbt/uioGeZFy1yN4f91ej8NLW+y8/6PheaVmzwSMKnJhFLdiu3tlovFV9\nH5OqHywdkRT3soT/WSZbjOmCxlNTX1MGnVry8uW8qhVyIC0m3KsEcdZXCJ5/boCA\n8ffu/vAKdKcZlKO73CEfcu0gQkutIQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBALXD\nczsNhK8+owbN3uMlkdQUO/NrdcHwgE/SteDYMDo1S5iQBSEz/+0A42g3JCYyN0Eg\nkUmOD5/daUHCFhGXoKCii8JXEjyi83z/yp/r1+0xJf8b0k7aUCoJlwu5ZXbpIO27\nDfyk67Y+z4DTtfmQSM7s5AUgc6xw8ywuSPK7JPrNmO574hdmWKRIfYe4fXT9DnM3BYCpCIAlm5qyzl4vITeN5oa/BKIJ7XsZGBxYOoYr\n1bH+x0IG6KO5In0o2x3N7ihiJTuGhAU6VI4dYggARaDoXOmreMo906RXE4+vc7/8\nQBCe38fGoVJVfvRxb7DAVDLpV60v7MQwtnL8AHsZUiFIIll+6duigInGJRuDohVc\nSxcqo0BwTDM9RBGAB/bgWwJ30GXLR6NE22lnd3gKUGPxRzli2zHErCZeaOMPJE4V\n3eANwHoo4uAHGGcjnhN6XtxwRQ4mEQOTT1/Zn0VAKTpZXh/cCaA/1aqaPkqvrjU/\nwdmO7/ZJK19ITAvoy/r0mg==WL1RHJii6wDpCpZWnFewDJrCJ7eiFYMxhbXBtdZm3kuGOO7DMUOZW6OyDclaBPmW\n24/ZeEcJLLH/EsZl4SNTGj0ncUq/tX5ktoZDWrX8R7up2OmG6mNZ5gZjdyioo4W1\np4LFCk3aOnCwbP31hv/NQRsazE7cS6E+cXVg9891lAmTgwYA16G2s345J0a3tIAi\nkKQHx4W8gUTRN8TlL/avGmNQc6B76NMeejf8YZ3JHCvTAD5gS9orEEJDxWIeEQcr\nKLh2uIYV/NJYpwzYQhcl5lgELmze0dQVn1KFksWgy3vrupgTc0Se6MyAfeK4jLfo\nfeDx3TnsDGmyEiksndmdE1cG7bBiM+9fo3mtynVgEJ0xJOHdKk1O1QZ4eC+XZ7Y1\nnjJBJJ81QuaK6T1SCsaGSWp9KaS2x7uf42AWlY1flAhTQ83iMkyb6/DDQpAIL3Oj\n7beOSPnbqH/xbpxxWa3AOpS5YbDnXJrf8mxgaSkx9TQS+JBf7iH6ZMTZ7FCGcm2y\n3o7kKF9O7yovGlxZGn7CTUGOIjbDXpfKGoITKewgEfhMtDpQ/NBAFn3zyhZJWTAN\nAkJAodon54BDdT1DMEaYAWjK5G/K+hyBHB2PaTDHkAZFfQ5NWX9cY7L91C8euKFQ\nymxQhIHFukXeP96jbwBW0KkZ+5PXXXTdVCzW8QZgH0AQ+/II5DZhAyD72CxvWyc4\nnuU8LQNd5r2b6QUw7afT2fqBRgaEpd0+Ee6g9lDTYZa2gRs7ZU+/zizHOdd/SdKo\nDhEa8DeR3Or+NXQjvrWHjPcas3gz27KOE19q+no/fYUra/VDjJgwJ5PyCM34NWTd\nVCNHbns+5AT/8Vdv7nQGgDiSaZvaCamYSTDhv4Vw+CLMt4Ny733AFZ/rT8iY2MTL\nYfhQ/cmErL+jHP5lyrz/Ira9zNSN0W8e467kYkcxmEGQPn8wD6L9CPqyC65OAw2v\nNyX1i6jqMnMVsUcIHBS8mQNKyJySNHYDCWfdwQFftOjulG4SEYxh/F+j77GdoE5P\n8yl/e8AG1wX4GQpsHPhXcdGUak5J9Sd9LsLbcvEEhL0Nsyb5epyRn0JJ+NF0mfBA\n+uELzhxzr1IbRARrOPsjQBBTWERlZD9Sw3W1KKbmJSkJCUg1GWzLPRMTf0SC+SVH\n60cFuOpoJVaS2oEiYFIkDXJo6wc7s0UkntGX6RE82mCLvjD75a0uR9QXYIMm5ooB\n+bWtvIVmVd93KUEJUFh35vOx9UKUiy1eYNcz/gsqNczA5flKFyeQ7vzrvMWFT2Wz\n0kvCwPNvCY5iE0WzCW7Wmads4yi0GwQgi7mO4vKzbqtYMOujU8XWFTB0iiSt0GRv\nlALW2eGid1x0EtaSO7twh/bebc8uqK+UhpfVh8ymsheOjfk5rrabOQS7ZC4qnzao\n1wHndUzdJTUa3u2GIweljjXPXqe16aXQYoeFy5/1X4gNuPJNNzISCPDT4l8anVnd\nLTd/7BW0NS62/5JZzcH7YbYj7Nbp6zpAbBDqyio34QoppvQFvhWmzLfFm2XsHHmz\nTrkRCM3z89QcDTEJuYhquWbzeLHeGLvu5QIQoSyq98n7O/8XRikcMtYbKhByB5UV\ncJbBscC9Lf5vorJeJPQrw9o2REweZNyu+XFcpZFCxFDj0upoAUwmZn3LKtZvLLiZ\nQ5kF07cynjCg++kEVx+c19khHiNjVasWfZxyazx9h7+gpbUBm7Qli61EbnNbQqXy\nUoJ/N4dmfHEobkK1CKb/ZBbBkKO2YGrSuz9CB6knhtYIBjZo3FZPmRRecdVAnoQP\n1WXVngT8qdwKXg1LUFdjhCP3iFW5j4gTMSqMnkzh001FHEhauUqam0vYFrGUOFbQ\na401EePB5+lHDi5SY4jY6N5L08qFHRsFvVhvIwWoNOwenHC+ewDw3egWB21Nu647\nOlohmy3+HkHBfJ5glg6fYy1ala4vdB7rCJ2qDpzeF4U04OhVzS+FrlKTJbrWqqt4\nwgKuACUE4MKpP4ytMxsYygwZghSBwSzoi2z95OSIGm2d4jiwmzgG0/ewcmg0I7At\nM3dGUkx77AXZMm5w5Vpb2aPjR1y5zlO7F8wPlOrllqP0BxRF+p1rKtOcgBpmhGOg\nNyHUyRzscw6hsn9SWW3lsV8pXmuTQOHLVA6fwM/ZANzOTaKz0oRs/oMbOT/mjUSM\nAmv/wl6U07sob86fwNfMN8BusDqwtRBmsb7kr4C26eYKh2eZ8mIUPCDkn5NzhBXt\nVm1Lz8fbVq8VJLbTPp4fsCvlTHU0xQTZ7N9zRSCg0FW9X5ADVI8Voe2FgSlLCjWE\nxIZjgkS0qq6wIjtJBlZcAi/4mVA8D/7Cc1CDX3ysWPfavq5kpfbyBpTvrDsvakVq\nqPlQpWshxiSXuNrAVslu/rp73xSSvZ2ETJYfxIknmMecG9XwU1w9Ug==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-vFUVwHRj1g4pac24T' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp3r8tppg8.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp3r8tppg8.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_2(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() cert_str, cert_key_str = generate_cert() cert = {"cert": cert_str, "key": cert_key_str} self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=False, encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice=cert_str, ) tests/test_51_client.py:549: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:907: in _response response = signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=100010b3fb04e9a87d4ada9def142172e0e4f96c7fa69d6e3471543ba215f8d2urn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU4WhcNMzQxMTEyMDk0NTU4WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEA3tLNfbKjzMJrqQL9ZkFVUpQj2uKtllrCrMt95/t+xIhUPecZcCnfSVIi\n20WKMl45HDaqektQ7TPq2XM8aUZyDOLrIZOpb40i6HyPiN0dUb6d1FcRLqhN3o0b\ncL1Z+fiWxATadUx5Y/iqP8844d3NHmlHXJFCpdes6vgtfg0lV1e7nNxM/EjCcQFc\n5zp//N1bbt/uioGeZFy1yN4f91ej8NLW+y8/6PheaVmzwSMKnJhFLdiu3tlovFV9\nH5OqHywdkRT3soT/WSZbjOmCxlNTX1MGnVry8uW8qhVyIC0m3KsEcdZXCJ5/boCA\n8ffu/vAKdKcZlKO73CEfcu0gQkutIQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBALXD\nczsNhK8+owbN3uMlkdQUO/NrdcHwgE/SteDYMDo1S5iQBSEz/+0A42g3JCYyN0Eg\nkUmOD5/daUHCFhGXoKCii8JXEjyi83z/yp/r1+0xJf8b0k7aUCoJlwu5ZXbpIO27\nDfyk67Y+z4DTtfmQSM7s5AUgc6xw8ywuSPK7JPrNmO574hdmWKRIfYe4fXT9DnM3BYCpCIAlm5qyzl4vITeN5oa/BKIJ7XsZGBxYOoYr\n1bH+x0IG6KO5In0o2x3N7ihiJTuGhAU6VI4dYggARaDoXOmreMo906RXE4+vc7/8\nQBCe38fGoVJVfvRxb7DAVDLpV60v7MQwtnL8AHsZUiFIIll+6duigInGJRuDohVc\nSxcqo0BwTDM9RBGAB/bgWwJ30GXLR6NE22lnd3gKUGPxRzli2zHErCZeaOMPJE4V\n3eANwHoo4uAHGGcjnhN6XtxwRQ4mEQOTT1/Zn0VAKTpZXh/cCaA/1aqaPkqvrjU/\nwdmO7/ZJK19ITAvoy/r0mg==WL1RHJii6wDpCpZWnFewDJrCJ7eiFYMxhbXBtdZm3kuGOO7DMUOZW6OyDclaBPmW\n24/ZeEcJLLH/EsZl4SNTGj0ncUq/tX5ktoZDWrX8R7up2OmG6mNZ5gZjdyioo4W1\np4LFCk3aOnCwbP31hv/NQRsazE7cS6E+cXVg9891lAmTgwYA16G2s345J0a3tIAi\nkKQHx4W8gUTRN8TlL/avGmNQc6B76NMeejf8YZ3JHCvTAD5gS9orEEJDxWIeEQcr\nKLh2uIYV/NJYpwzYQhcl5lgELmze0dQVn1KFksWgy3vrupgTc0Se6MyAfeK4jLfo\nfeDx3TnsDGmyEiksndmdE1cG7bBiM+9fo3mtynVgEJ0xJOHdKk1O1QZ4eC+XZ7Y1\nnjJBJJ81QuaK6T1SCsaGSWp9KaS2x7uf42AWlY1flAhTQ83iMkyb6/DDQpAIL3Oj\n7beOSPnbqH/xbpxxWa3AOpS5YbDnXJrf8mxgaSkx9TQS+JBf7iH6ZMTZ7FCGcm2y\n3o7kKF9O7yovGlxZGn7CTUGOIjbDXpfKGoITKewgEfhMtDpQ/NBAFn3zyhZJWTAN\nAkJAodon54BDdT1DMEaYAWjK5G/K+hyBHB2PaTDHkAZFfQ5NWX9cY7L91C8euKFQ\nymxQhIHFukXeP96jbwBW0KkZ+5PXXXTdVCzW8QZgH0AQ+/II5DZhAyD72CxvWyc4\nnuU8LQNd5r2b6QUw7afT2fqBRgaEpd0+Ee6g9lDTYZa2gRs7ZU+/zizHOdd/SdKo\nDhEa8DeR3Or+NXQjvrWHjPcas3gz27KOE19q+no/fYUra/VDjJgwJ5PyCM34NWTd\nVCNHbns+5AT/8Vdv7nQGgDiSaZvaCamYSTDhv4Vw+CLMt4Ny733AFZ/rT8iY2MTL\nYfhQ/cmErL+jHP5lyrz/Ira9zNSN0W8e467kYkcxmEGQPn8wD6L9CPqyC65OAw2v\nNyX1i6jqMnMVsUcIHBS8mQNKyJySNHYDCWfdwQFftOjulG4SEYxh/F+j77GdoE5P\n8yl/e8AG1wX4GQpsHPhXcdGUak5J9Sd9LsLbcvEEhL0Nsyb5epyRn0JJ+NF0mfBA\n+uELzhxzr1IbRARrOPsjQBBTWERlZD9Sw3W1KKbmJSkJCUg1GWzLPRMTf0SC+SVH\n60cFuOpoJVaS2oEiYFIkDXJo6wc7s0UkntGX6RE82mCLvjD75a0uR9QXYIMm5ooB\n+bWtvIVmVd93KUEJUFh35vOx9UKUiy1eYNcz/gsqNczA5flKFyeQ7vzrvMWFT2Wz\n0kvCwPNvCY5iE0WzCW7Wmads4yi0GwQgi7mO4vKzbqtYMOujU8XWFTB0iiSt0GRv\nlALW2eGid1x0EtaSO7twh/bebc8uqK+UhpfVh8ymsheOjfk5rrabOQS7ZC4qnzao\n1wHndUzdJTUa3u2GIweljjXPXqe16aXQYoeFy5/1X4gNuPJNNzISCPDT4l8anVnd\nLTd/7BW0NS62/5JZzcH7YbYj7Nbp6zpAbBDqyio34QoppvQFvhWmzLfFm2XsHHmz\nTrkRCM3z89QcDTEJuYhquWbzeLHeGLvu5QIQoSyq98n7O/8XRikcMtYbKhByB5UV\ncJbBscC9Lf5vorJeJPQrw9o2REweZNyu+XFcpZFCxFDj0upoAUwmZn3LKtZvLLiZ\nQ5kF07cynjCg++kEVx+c19khHiNjVasWfZxyazx9h7+gpbUBm7Qli61EbnNbQqXy\nUoJ/N4dmfHEobkK1CKb/ZBbBkKO2YGrSuz9CB6knhtYIBjZo3FZPmRRecdVAnoQP\n1WXVngT8qdwKXg1LUFdjhCP3iFW5j4gTMSqMnkzh001FHEhauUqam0vYFrGUOFbQ\na401EePB5+lHDi5SY4jY6N5L08qFHRsFvVhvIwWoNOwenHC+ewDw3egWB21Nu647\nOlohmy3+HkHBfJ5glg6fYy1ala4vdB7rCJ2qDpzeF4U04OhVzS+FrlKTJbrWqqt4\nwgKuACUE4MKpP4ytMxsYygwZghSBwSzoi2z95OSIGm2d4jiwmzgG0/ewcmg0I7At\nM3dGUkx77AXZMm5w5Vpb2aPjR1y5zlO7F8wPlOrllqP0BxRF+p1rKtOcgBpmhGOg\nNyHUyRzscw6hsn9SWW3lsV8pXmuTQOHLVA6fwM/ZANzOTaKz0oRs/oMbOT/mjUSM\nAmv/wl6U07sob86fwNfMN8BusDqwtRBmsb7kr4C26eYKh2eZ8mIUPCDkn5NzhBXt\nVm1Lz8fbVq8VJLbTPp4fsCvlTHU0xQTZ7N9zRSCg0FW9X5ADVI8Voe2FgSlLCjWE\nxIZjgkS0qq6wIjtJBlZcAi/4mVA8D/7Cc1CDX3ysWPfavq5kpfbyBpTvrDsvakVq\nqPlQpWshxiSXuNrAVslu/rp73xSSvZ2ETJYfxIknmMecG9XwU1w9Ug==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-vFUVwHRj1g4pac24T' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-vFUVwHRj1g4pac24T', '--output', '/tmp/tmppf5_y1e_.xml', '/tmp/tmp3r8tppg8.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp3r8tppg8.xml" output= __________________________ TestClient.test_response_3 __________________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=00681bc0808c1f8766ab154a11c08f0367d13666e6e940563c5ccb1367f75dceurn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==G/FzyZiqkcZc7QX54SXAxa/j9qQLFbS2SU6oHM7JCuCmXt3/Aq8yUn1CIXFlf+vc\nKbgftoLgNkxd3SgcetpXN67t9XVL5LiJU5IFGMFjtgRsNGQUqcSy3s6X1lXOQJnw\nU6XZ2qWi1SVVlqpWIp1spixISD5kYb9xAyDwQCw4xGo=2hJ/3YsZQA9TbN1tgfSgGxLXAIvSrmQjeGngUVLzA4KCzmgPOi9PYQjtjElaMs4U\n2aIUPBm9BFfCuBzJPuMaG2AWY5rbUVWp9znCFFMM5MNIYZWYyYww0qyGWgGjN/P4\nc/zP7lo0QAB+Uq5Yv5HviIi0D0N+Iu6jmfxZhcB2N9aL6jkBtV+MsqFwq6TD1B3w\nQ303Ir6Y2YCUZtxTWsk6SVATXeP+nsOEE5q03xcB4QwfonT+f0uwsGhQZrN/qbIk\nnQcVEePmEubEAEzIeydhbZZ6BBss5nudvN/t1sEA77K/88NE30nJD3ACldbKNPTq\nFGHcrar5a1g76UjEGtTZ0Hdi2n6IBd7zXXRXtfUJKWPFv4Vy43213pdyJbebHioI\ntTXjiQG/I+o722mLnNky8zJSEG9AfmZnE/Ty8g6QoWUtlqFDio2YJUexwb94S96E\ng8HmEFG8qxh/yukraSQo2BeDwwf5nMoi19zElge7Qfqg3VE+CyApAQgS/R6xky5s\nRgt89e23boDtKm73/JX6PoVUbydGx0ND+BdFMkTRkMjqhoV62eUxvKCzbcMRsB3Z\nnQkd42tnRk2rpmL0ZH6X0Hy4E4H5mw/DlPV7FjqVnAwdSjx+0bUhpdmFHPlZCfZL\nO/HoeCUQdamdEKpPH+tRt7bo4dRyguerbQpg4+EX1uPNueAB2OyVuD8QcxISoLqA\nD9foKbEMrddlrLsagWrQeYUAicy20m63Byrsxs0Hhimw3UeDX8CD2gD/P1PWXgBp\n2M1gNCbTD3g1DYGb9USamBTku2bJuugcU4Ql9ua2aWkBNjTGxKRyjo/pyNBcIC7L\ngf60mEtQ0xpdBTMvhhqW62swdfHYGSFuRtS9Kd2Dq/jan7YYX6u8cyDI9pW/IC3q\n2oi5wUcN4MsG+KEF1dzJgh6wkJTy+RMELT5fWhlVTwYonlN09CsrzEBsMCJCYrOI\nYmxBweqTolImI9tAH2QfdnzexbF8JBD10B4YwWis1+h6iZ+X+sTjFpfuAI0klSlt\nqtEVKOUTguHY0TN9vjdJSudPhkdJbvFW56JYmKzJJ8AEwQPf5jbLxQNaY05haNLn\nZgLaxBRzOQADOvnc/0gM6mn7ORJnNqFlV4AvCqEldYkd8w7N4pdnVoaFJx8mgrxm\nocvsfY+yAbrDeAh1ADjabtn7fbFyzsagtOj8pPs/U+ZimmFqUXqA8GOrGtGDe8Rx\nKmEI826b8FkyxlU000WenEMHSIYALM2mkoYkXdRtjiYNutHLlIP5nWHvDsq+Yyvn\npzaCJIwAiLyu1ay59IxaRF1qAe4kxPLLBBc3QClGFoiR8vVVND7PKt3FrFedpQSf\nQ/CLv5jftAbzWX369YQfu336St5Yad56nmR6Brsaip+aoo6df7nUPCfhDMz9+IUM\nK8GpZg7JbDjYPNRrihvDl2ytHkxX6GoHt84hzWeQvSJ015hukt22lZwn1EzJfy34\n/E84euqjQKH13+/wsQCzrFFPcaRoIcXSGrRvNVg5jWnF6B2ewE5o+bb2L1ElOPi5\n7D7jaaNooeiPURuaPeAwiL0bUsoRRXY+h12BdNmmzjDOoAkwS1HPxg6vDIlTBW9P\n/VCUMiLoDKSWZ7zGgoNegnlaj+spdcKhDkT5L9cFcjqBmHsB41JEgkxjkZ8krBSz\nZv91BrR8Kjc0tuUi3vGMKeoFvGfZs6XuFHm9BdrR7OEOrvhm8pCZBqKEvLn9MfQB\nWxAeY9pNyihPMpc2abCZHXfipqWF06CIOP3+lX6HECX2jci55N5Z7YehINP8Afhx\n7rkaWfCgv6FOT7qKjqfKB1pK02jd/Wbpk5U0CYSgfe7dfDBbsYxruo/kvWBqTaDV\naWjvb2UOekua5Ta4T63dBTyOW8/5bWYbPi0SUSY4iQ9ZMghpWw2kIAXUJT7blYGZ\nEwKTy/1d9uJTfTxwGD+SCMJtQve9KWwRBuEfpTKIAUDgPtdUu7wNOBw/8Qeju+wB\nAKihjJtyZOon0mOhcVyaMtZkycA6K7iFyH3snFqKl99nHz98+V98T9JP+Nr1nE3y\n3P3ofDa8BsOeIH+nWdXyk6IABLNyv5ucBNkqsVwXW53eYHgw769v2oZn9/7FuGrF\nU8ug2YXsiUCPBttJkuKEQqe8krmFOEJU6fuMgB5zktNU1dfpb6nzPOAcrHbqFuk1\n+8cnPf6hWBs647E9uwBCUwMn2QVLJo4SLf5EPphvIW3W+Lhpt9h2/SW6x54pPeaW\n1qmY8wNn3KexRMniRYgOLPB9umf1HhgFUxSb0ksD5vvKho1RFCd1h0iYuxhMNrcc\nAg0bjySNxOlz40m2Zbp4P09TrWDU+tkFu5pEd9ErxX6Qjy70Tq9Y7QLRqWu5n/qk\naWAacUz0WBUspVbmVDhAxIxkfROSC/08FMIrzqt3F0J4u7sNEyZCpQ==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-W663l1bMLtV4lRqnV' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpugkaump4.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpugkaump4.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_3(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=False, encrypt_assertion_self_contained=True, pefim=True, ) tests/test_51_client.py:584: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:907: in _response response = signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=00681bc0808c1f8766ab154a11c08f0367d13666e6e940563c5ccb1367f75dceurn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==G/FzyZiqkcZc7QX54SXAxa/j9qQLFbS2SU6oHM7JCuCmXt3/Aq8yUn1CIXFlf+vc\nKbgftoLgNkxd3SgcetpXN67t9XVL5LiJU5IFGMFjtgRsNGQUqcSy3s6X1lXOQJnw\nU6XZ2qWi1SVVlqpWIp1spixISD5kYb9xAyDwQCw4xGo=2hJ/3YsZQA9TbN1tgfSgGxLXAIvSrmQjeGngUVLzA4KCzmgPOi9PYQjtjElaMs4U\n2aIUPBm9BFfCuBzJPuMaG2AWY5rbUVWp9znCFFMM5MNIYZWYyYww0qyGWgGjN/P4\nc/zP7lo0QAB+Uq5Yv5HviIi0D0N+Iu6jmfxZhcB2N9aL6jkBtV+MsqFwq6TD1B3w\nQ303Ir6Y2YCUZtxTWsk6SVATXeP+nsOEE5q03xcB4QwfonT+f0uwsGhQZrN/qbIk\nnQcVEePmEubEAEzIeydhbZZ6BBss5nudvN/t1sEA77K/88NE30nJD3ACldbKNPTq\nFGHcrar5a1g76UjEGtTZ0Hdi2n6IBd7zXXRXtfUJKWPFv4Vy43213pdyJbebHioI\ntTXjiQG/I+o722mLnNky8zJSEG9AfmZnE/Ty8g6QoWUtlqFDio2YJUexwb94S96E\ng8HmEFG8qxh/yukraSQo2BeDwwf5nMoi19zElge7Qfqg3VE+CyApAQgS/R6xky5s\nRgt89e23boDtKm73/JX6PoVUbydGx0ND+BdFMkTRkMjqhoV62eUxvKCzbcMRsB3Z\nnQkd42tnRk2rpmL0ZH6X0Hy4E4H5mw/DlPV7FjqVnAwdSjx+0bUhpdmFHPlZCfZL\nO/HoeCUQdamdEKpPH+tRt7bo4dRyguerbQpg4+EX1uPNueAB2OyVuD8QcxISoLqA\nD9foKbEMrddlrLsagWrQeYUAicy20m63Byrsxs0Hhimw3UeDX8CD2gD/P1PWXgBp\n2M1gNCbTD3g1DYGb9USamBTku2bJuugcU4Ql9ua2aWkBNjTGxKRyjo/pyNBcIC7L\ngf60mEtQ0xpdBTMvhhqW62swdfHYGSFuRtS9Kd2Dq/jan7YYX6u8cyDI9pW/IC3q\n2oi5wUcN4MsG+KEF1dzJgh6wkJTy+RMELT5fWhlVTwYonlN09CsrzEBsMCJCYrOI\nYmxBweqTolImI9tAH2QfdnzexbF8JBD10B4YwWis1+h6iZ+X+sTjFpfuAI0klSlt\nqtEVKOUTguHY0TN9vjdJSudPhkdJbvFW56JYmKzJJ8AEwQPf5jbLxQNaY05haNLn\nZgLaxBRzOQADOvnc/0gM6mn7ORJnNqFlV4AvCqEldYkd8w7N4pdnVoaFJx8mgrxm\nocvsfY+yAbrDeAh1ADjabtn7fbFyzsagtOj8pPs/U+ZimmFqUXqA8GOrGtGDe8Rx\nKmEI826b8FkyxlU000WenEMHSIYALM2mkoYkXdRtjiYNutHLlIP5nWHvDsq+Yyvn\npzaCJIwAiLyu1ay59IxaRF1qAe4kxPLLBBc3QClGFoiR8vVVND7PKt3FrFedpQSf\nQ/CLv5jftAbzWX369YQfu336St5Yad56nmR6Brsaip+aoo6df7nUPCfhDMz9+IUM\nK8GpZg7JbDjYPNRrihvDl2ytHkxX6GoHt84hzWeQvSJ015hukt22lZwn1EzJfy34\n/E84euqjQKH13+/wsQCzrFFPcaRoIcXSGrRvNVg5jWnF6B2ewE5o+bb2L1ElOPi5\n7D7jaaNooeiPURuaPeAwiL0bUsoRRXY+h12BdNmmzjDOoAkwS1HPxg6vDIlTBW9P\n/VCUMiLoDKSWZ7zGgoNegnlaj+spdcKhDkT5L9cFcjqBmHsB41JEgkxjkZ8krBSz\nZv91BrR8Kjc0tuUi3vGMKeoFvGfZs6XuFHm9BdrR7OEOrvhm8pCZBqKEvLn9MfQB\nWxAeY9pNyihPMpc2abCZHXfipqWF06CIOP3+lX6HECX2jci55N5Z7YehINP8Afhx\n7rkaWfCgv6FOT7qKjqfKB1pK02jd/Wbpk5U0CYSgfe7dfDBbsYxruo/kvWBqTaDV\naWjvb2UOekua5Ta4T63dBTyOW8/5bWYbPi0SUSY4iQ9ZMghpWw2kIAXUJT7blYGZ\nEwKTy/1d9uJTfTxwGD+SCMJtQve9KWwRBuEfpTKIAUDgPtdUu7wNOBw/8Qeju+wB\nAKihjJtyZOon0mOhcVyaMtZkycA6K7iFyH3snFqKl99nHz98+V98T9JP+Nr1nE3y\n3P3ofDa8BsOeIH+nWdXyk6IABLNyv5ucBNkqsVwXW53eYHgw769v2oZn9/7FuGrF\nU8ug2YXsiUCPBttJkuKEQqe8krmFOEJU6fuMgB5zktNU1dfpb6nzPOAcrHbqFuk1\n+8cnPf6hWBs647E9uwBCUwMn2QVLJo4SLf5EPphvIW3W+Lhpt9h2/SW6x54pPeaW\n1qmY8wNn3KexRMniRYgOLPB9umf1HhgFUxSb0ksD5vvKho1RFCd1h0iYuxhMNrcc\nAg0bjySNxOlz40m2Zbp4P09TrWDU+tkFu5pEd9ErxX6Qjy70Tq9Y7QLRqWu5n/qk\naWAacUz0WBUspVbmVDhAxIxkfROSC/08FMIrzqt3F0J4u7sNEyZCpQ==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-W663l1bMLtV4lRqnV' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-W663l1bMLtV4lRqnV', '--output', '/tmp/tmpb_19t3ug.xml', '/tmp/tmpugkaump4.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpugkaump4.xml" output= __________________________ TestClient.test_response_4 __________________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=0f811b46c4271bdbc4f70a314eaafaa5479f73485a41f491ab4462361e7fd266urn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==21LT5vjwHOKy/6XazBk/VR2m1GUwNx89STJtSLf1cTagTNVWKf/1SVx/wNryHMHj\nP4ZjLluPTClNct9ULXDbwrp+dSMShvkwmMZC8WyY37lKaEnwbdR2MD9WVXlWphjK\n7u7LSkOIg4YN8rM0AmhdgAboWwOB/7r0YacwMINXPm8=v+6ux8mgFwFjLbnaA4VaTcK0Ldu+jceO9BdLficGDs7dNayp2goFx4O129DOrOWq\nI6U646dD9n+bnvrRLvC+skBqKVVjxSUPfoZASQ3ktwoTb0xQcO49e6QBRCQgkdeL\n6+5ssrRmpSe87kVSszD2BCtYZ7kqmPZGnQs6lO4k5icZFpLQr1j4Ndm4o6TG31LX\nZAkuJU6FDb4ZG2EcC2AirkDE0CUFBjTphIgNZBQtu0svcCg6LZ74GVrW+PBTfHqL\ng2xUflCVGVc1ePQmmsZTszbinOnY0NcKh+ipN4uFkEW5Ty+zWQgYGePaGuxlkbIh\n3Kgcw3Il+RgPcb394/YDP6OvkfVOqh0tg4iP66sW6OiLiQYfaUmRPhslN2HlmDtf\nMv0+J/rCsPX/gS/AOon4li0Jnso2f38jUAYQRrHWVSy2tEmyLRn4EFE+Y9smzv6C\nfhA3eSFfsHlwd+GJpO0zo5YeuQyR/MkB7M3AyVQLxrJrk2wKSSscIv6AocpHGvX5\n3ikuHexEYarLSrgJuGN8QB0Z6Qcdgvi59lG0FU/O8hy+G1y0fG0DSilDPpZlu9R1\njUu/4HjeZYitMaVJ4YE3fL7/pRZhUrMj5964NINwfofyieD8QR8cbzGXUGoOMhpu\nz8yQZgDQpg4c140F/MYSx1Adcjstl0AcVwRJM9cQn+cnB7P0R1YGosUQeuoxkaNW\n0B0CPlwqevvcZA5b9wpYbb1DQCdQbvGl9sksTfQG6D1jt1/Gtt+TVXkAFANTwkrU\n+lVnGsqUWOk8d4zhsqj1jcjilL4q+Y6ceNFkoKGe0mEM5eGeBmIgreL/YQ9nKB2O\n6M/cMI+iMGqwcrTmdiaXHt189IRw/n+9zDK7hMupQVQKBAsljFEn4tzqQdfrQgkf\nKT5nOLqNHZs74/IZU522MdV1iiDU+3agv2otq/Dnw7Nouo6AvY7jnOKFtcjsiEMv\n0LLjs67aqke72oL1IOIHSfgO22PQf7yQzGWNjtO2B5ZI5S+V0QtjLHAeiGV1hmNY\n0MSgTUf+jRRjxjkh+upP3Kwchrpny0OPliCBR6VLcC/xUSIn2LrbYuANjbAr4Tww\nY9Cn4oiOhedKwpUlpQiu1tvrVvF7rifVm/DxobbI0RJjgZvDqqudaZnXhoK0zxde\nf1tSkUWukMNePOo5BwUXpYb+Ps6U2Ztm/Syk7HeS5qeNf5Lcg5oImYhSLv/teioy\nu+IbQXWfV2etcz1A5Ytb6B1X+FAibo1JpT3+XTZidFZmgRtLXeS6S91it3VhVmY/\ntqsjoS/81ePDbfT/vt+HLJ2H7/OaoFjxxk7Ym9wjRijLwObwHTHbyAc24t2/4z+T\n61Ncqcqe3Tn7Msu5P0iB5uv1zmML20CXp9ZmQ6sutEX5QDwFyqAe0JQNfRV9KVAi\n4xu62PzOsbb8iaF0BsTtjHoBIetdNsEnJVMlGeM89XIHJHvlKsH2H7ttw/hzGQFN\n669QEdm4C1zA8wijX7SMD+21c3ZZO0M/LhqI533ttvCnYTwNyD5lM5LjrMi2DUio\n+Fg/Zj8We5gpYI1vJ7R+wgak1PXP/UXmmP/xJu7Pq1qlgic3S4d3dySj5hiRMgky\nauwGImPpsTOILPM69IRw6mvpk5dvaC0kia3zHLURl8Kk1a15LSQ1W1fE7YxgPhDp\nPE2fgUENTMIMWeEjRlLDO9hdKdRMbhtKbWVmn3H8AuxumOAN0BNH+Z+OUy4ImaIm\nuw2MCqXxlZLTQn2YDdPw1tCdefmkLiPoA2clzg7SrO/S8Lc2AcKOnLuUhfm3CgmT\nfs9TEvGB0EZgVjMv8d4iwTvy1YT7cnrkrUDkF7LneIPtQvdi+6CRGz4wzS4vS+wu\np43GHvIZJXgF7cRcaiQBvuG5yXs1gFqg9b68xQAJt8FTPuC5L+ziQKjKzvjwP1g9\na+jUe6KoHdESe0F2VBnAnJYGppk2YQs4GbDf/SPu7RNC9iQtYuJ+L1V5d7SQELRo\nrKw2RMe8Et4DlDUniexp+2FuG25rN8u+eAtN/cCJ0bIVl9DqW0S5ZQ6+kPXK6rnM\nuAwl4mBXQAmcCtZK0altyVUPaI9dW4PC96dI5+uXqPPjEdNNYCd69RoEMiEBkLRd\n1YMWUOUxiEsTOe2s+ioFCXDCFwSx5uiSFG90IQunna8SDWB+COijv3AUk/eFnGGJ\n1EkY4PRctLitIZvMYVJ0VzzKC3ffh3n2HgTSfOe9txNrUp4Lfa9aMXRWXLmpivGq\n1SrqTQ0vqa6bZfuBD+gAeSfZGwJGaHCqdFpFEQq8ApMj8BwR+8qYsMySNx2glkbn\nvZif5X0PDA/RP+VfiJxt6cKSf4RW/QBFM5coD4sZR40GhRV3jemimF+eUgfd87pu\n4Vao0xQmfEmFYqFo6Uone59/sPnD6N97DMNovfsaRxWZJKL/OpxUnA==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-9k2ePNKkRijPKvXD9' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmphgrd_lea.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmphgrd_lea.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_4(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, pefim=True, ) tests/test_51_client.py:618: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=0f811b46c4271bdbc4f70a314eaafaa5479f73485a41f491ab4462361e7fd266urn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==21LT5vjwHOKy/6XazBk/VR2m1GUwNx89STJtSLf1cTagTNVWKf/1SVx/wNryHMHj\nP4ZjLluPTClNct9ULXDbwrp+dSMShvkwmMZC8WyY37lKaEnwbdR2MD9WVXlWphjK\n7u7LSkOIg4YN8rM0AmhdgAboWwOB/7r0YacwMINXPm8=v+6ux8mgFwFjLbnaA4VaTcK0Ldu+jceO9BdLficGDs7dNayp2goFx4O129DOrOWq\nI6U646dD9n+bnvrRLvC+skBqKVVjxSUPfoZASQ3ktwoTb0xQcO49e6QBRCQgkdeL\n6+5ssrRmpSe87kVSszD2BCtYZ7kqmPZGnQs6lO4k5icZFpLQr1j4Ndm4o6TG31LX\nZAkuJU6FDb4ZG2EcC2AirkDE0CUFBjTphIgNZBQtu0svcCg6LZ74GVrW+PBTfHqL\ng2xUflCVGVc1ePQmmsZTszbinOnY0NcKh+ipN4uFkEW5Ty+zWQgYGePaGuxlkbIh\n3Kgcw3Il+RgPcb394/YDP6OvkfVOqh0tg4iP66sW6OiLiQYfaUmRPhslN2HlmDtf\nMv0+J/rCsPX/gS/AOon4li0Jnso2f38jUAYQRrHWVSy2tEmyLRn4EFE+Y9smzv6C\nfhA3eSFfsHlwd+GJpO0zo5YeuQyR/MkB7M3AyVQLxrJrk2wKSSscIv6AocpHGvX5\n3ikuHexEYarLSrgJuGN8QB0Z6Qcdgvi59lG0FU/O8hy+G1y0fG0DSilDPpZlu9R1\njUu/4HjeZYitMaVJ4YE3fL7/pRZhUrMj5964NINwfofyieD8QR8cbzGXUGoOMhpu\nz8yQZgDQpg4c140F/MYSx1Adcjstl0AcVwRJM9cQn+cnB7P0R1YGosUQeuoxkaNW\n0B0CPlwqevvcZA5b9wpYbb1DQCdQbvGl9sksTfQG6D1jt1/Gtt+TVXkAFANTwkrU\n+lVnGsqUWOk8d4zhsqj1jcjilL4q+Y6ceNFkoKGe0mEM5eGeBmIgreL/YQ9nKB2O\n6M/cMI+iMGqwcrTmdiaXHt189IRw/n+9zDK7hMupQVQKBAsljFEn4tzqQdfrQgkf\nKT5nOLqNHZs74/IZU522MdV1iiDU+3agv2otq/Dnw7Nouo6AvY7jnOKFtcjsiEMv\n0LLjs67aqke72oL1IOIHSfgO22PQf7yQzGWNjtO2B5ZI5S+V0QtjLHAeiGV1hmNY\n0MSgTUf+jRRjxjkh+upP3Kwchrpny0OPliCBR6VLcC/xUSIn2LrbYuANjbAr4Tww\nY9Cn4oiOhedKwpUlpQiu1tvrVvF7rifVm/DxobbI0RJjgZvDqqudaZnXhoK0zxde\nf1tSkUWukMNePOo5BwUXpYb+Ps6U2Ztm/Syk7HeS5qeNf5Lcg5oImYhSLv/teioy\nu+IbQXWfV2etcz1A5Ytb6B1X+FAibo1JpT3+XTZidFZmgRtLXeS6S91it3VhVmY/\ntqsjoS/81ePDbfT/vt+HLJ2H7/OaoFjxxk7Ym9wjRijLwObwHTHbyAc24t2/4z+T\n61Ncqcqe3Tn7Msu5P0iB5uv1zmML20CXp9ZmQ6sutEX5QDwFyqAe0JQNfRV9KVAi\n4xu62PzOsbb8iaF0BsTtjHoBIetdNsEnJVMlGeM89XIHJHvlKsH2H7ttw/hzGQFN\n669QEdm4C1zA8wijX7SMD+21c3ZZO0M/LhqI533ttvCnYTwNyD5lM5LjrMi2DUio\n+Fg/Zj8We5gpYI1vJ7R+wgak1PXP/UXmmP/xJu7Pq1qlgic3S4d3dySj5hiRMgky\nauwGImPpsTOILPM69IRw6mvpk5dvaC0kia3zHLURl8Kk1a15LSQ1W1fE7YxgPhDp\nPE2fgUENTMIMWeEjRlLDO9hdKdRMbhtKbWVmn3H8AuxumOAN0BNH+Z+OUy4ImaIm\nuw2MCqXxlZLTQn2YDdPw1tCdefmkLiPoA2clzg7SrO/S8Lc2AcKOnLuUhfm3CgmT\nfs9TEvGB0EZgVjMv8d4iwTvy1YT7cnrkrUDkF7LneIPtQvdi+6CRGz4wzS4vS+wu\np43GHvIZJXgF7cRcaiQBvuG5yXs1gFqg9b68xQAJt8FTPuC5L+ziQKjKzvjwP1g9\na+jUe6KoHdESe0F2VBnAnJYGppk2YQs4GbDf/SPu7RNC9iQtYuJ+L1V5d7SQELRo\nrKw2RMe8Et4DlDUniexp+2FuG25rN8u+eAtN/cCJ0bIVl9DqW0S5ZQ6+kPXK6rnM\nuAwl4mBXQAmcCtZK0altyVUPaI9dW4PC96dI5+uXqPPjEdNNYCd69RoEMiEBkLRd\n1YMWUOUxiEsTOe2s+ioFCXDCFwSx5uiSFG90IQunna8SDWB+COijv3AUk/eFnGGJ\n1EkY4PRctLitIZvMYVJ0VzzKC3ffh3n2HgTSfOe9txNrUp4Lfa9aMXRWXLmpivGq\n1SrqTQ0vqa6bZfuBD+gAeSfZGwJGaHCqdFpFEQq8ApMj8BwR+8qYsMySNx2glkbn\nvZif5X0PDA/RP+VfiJxt6cKSf4RW/QBFM5coD4sZR40GhRV3jemimF+eUgfd87pu\n4Vao0xQmfEmFYqFo6Uone59/sPnD6N97DMNovfsaRxWZJKL/OpxUnA==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-9k2ePNKkRijPKvXD9' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-9k2ePNKkRijPKvXD9', '--output', '/tmp/tmpiy0yon2b.xml', '/tmp/tmphgrd_lea.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmphgrd_lea.xml" output= __________________________ TestClient.test_response_5 __________________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=34800b7ad2a6a22a3570a3893899cded5ff135e10405af1f7cd70d0b044d09b8urn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==Borth4X5u9tcVqFlijOgOzPQPHuwP6OptvTkTZyimnkdndQreBrOuY2OdBeCljE2\n/toerqbbluyLHFheDvtzca1IxBMa1q8jefEqtZm1aTc5eNN/oNKt2l2kHduKbSc/\n6wyes98MNwD0s5pv1hsYpdbT4+i+RZYDy3rn/odIrds=0jjWKer7Sy8SZUu+9WFE8jau55PoVxhMOzHqKmIEGNZffYwd4u3SmTjfnuitD7xs\nvt7HNj5xPPFWBMvBHugKFN9gj7mygxX0HDwUcjyU7wm++3zSZrWvxnS3VjsDee/O\nZUuu8Q9BBdFYiSd1Ij6K7dESk3AWYV99VWcoLZohRWtI87ciEpYHNEaJ0RIrOY+B\n3o8bol/gfX2ibeppeuSeWF1Jgjzn0EzPDml5a1GNS9tpk+tIiEoJHhYUmrBxfPTp\nSjV6+npa/OVPeQ2B4d4wIy6LEdiJcKb/VB40IcQapo60BWwao/D+kxm5Z5dDc7b2\nsLuCuYpR+3EO1DpFT2O/7MpXZQnECk7J4R2DrLGZf+JlC37tvBopBiAA51XAR3Bh\nZFrdWWSKqJRSInEawDYaeuJi5MYqq9gjcr+EPL8c4sW4ITzlvq1Ksnmnp2CJe/WG\naQUqV0ufvDvqfbgksGvwTtqTD0TPsrgELUWpoSpQFw6Q8xXYBqdQSh877FiyuYZV\nOute5w5+aFhnUXuW4Jak9V1cZdRiooLBP2yIpLJ1UluDNrgqPvffG0PbocjTmQnp\nouyrTUelqIb+Ozr7X953GMXAbETmtBGOr3nFdvJYUuAEBNdO19lYo/xpyp47/wCh\n0Q6jnUBSzjFe8RH3faYGRho/UjVUqm00TmsdRn5oQE2069v2mLrGBScHPOiUL1MI\nSlYa0YGVoG1I46Ls9af1mTU0EdUIrV0PNUoomFkaJAPS+3vccpEDel9ukVgi8cfI\nPPsnnHqPuP8g14gFCdqpudlVyhmholkpyTV9C+R7K5RoYNV4aqi8p+7WK0EsqPk6\nea+mHEh4fMmlh8WBu9YMHDPyFK2EyOjesy6PAb8b+3GQQrFavePi5Wb62JPG3H5T\nh1IoVMr7X0eqDgIhvf8p565PMX1BqViSJV9d8OXOxyt6MdxPBx+0t09RK0iOCsen\ntzVwtp/yU1hTPSqGdPK25z2ulkEHUsn3wIT6vCgAr1kfx2loWVCUGLX6rhu8gI1h\n1bDgSWXaaMy3VcVYckKJZAbwGss+NSu0QO5A6jwblL+CLvyTBYGJapO1KoT6UtNH\nqxyK8MWK9dkILgP5qmGhmjoALpFRiqklK6i7WZL4MXbh9U6itAChz0mKBYTWeIvl\nrX3DEvyBglAyNNpEzXnWm8wD6SEl+BIUVTssk6il2hgEu2rCTCKBffrS19FYUL5H\nUK/hbT6GG3wCe7LGmP0dNrq1PnWhw7Ndkq7nopKz3D3HhdKzA1SMBvlI4YR0RU6D\nNue8JnsE4NPwfH4DLFP0AcMoE7u4WfBAgP61X1/QMH58u7Hb0qUEfzGoIpiW5VXI\nF+JH7TwW6zIp1ue4sQwhG2wkF/wF4frblRg+wqlXVF3IcfWbFxTTc3fc2DWJPaHk\nX2jBesda1LSmRcNnImp6B77j1jZi8kcrHm2iBgG2PIa5dp8yycNcTwoljmdd0hkL\nsnTTVyE8MU8hi/mXCN3lJCHVCA096eyPDpcZF72vGKSYFBnVgy0eCu9AYJH7KDfF\n1Q2WVBJr0Tn7gq3sGZ20s8JmZCyaIlag6OeqWwuynAF++Sh+UalCVmTKHPNNbNUE\n3KQIofan83EoNEUlBsWF7KTY171jM20npm2rynJ75ns+dTXyfrcYwfb04XF8uq6O\n+atSc3t8Dsm/YaWXVzW2TlRNqsd3+pPMnd0BkvKzfypvYfJnbLve/zreLtstjz17\nY6fD4meU1Hx/KNiNL6Gfxs4AYvvUj9xGIQLh7iBl5SrNEAymfMUAJA2WPnVH695Z\nL+RpIEijDLfI/4HHrFgbF45uNQ96d2a47b6kyVQ+ut8L7VXqseYa5SYgxK8e5ev/\nHH35gzovbiB7uw3MOTNP/1RFkpRiQeLCSZmGBQFnEtPGsC5u3axUy7+IccpCmIp4\nNv9km22dnaQAWRH6Jd/QGM3KHQidySB81iHjJYJAvinWhmJ3e2MACR9GAYovVcmd\n+9tV1swh2uiXLtcjz9rVWAwSpCfAQeYy+oxJuXNoUqtAdTyI8QmZA/tKho6BejjR\nPAg7MF2lw7bvN96f9M0KGHOtRsPQ8+3KBaLkBErhygSN8xQAnW6z1kXkBbDA4B5F\ne4k2FuNpY9XAgv8J7tvKJnBhCfPU9zguf7lT+NogDBYULeqXi4MPqzwL9C9RI4GA\np1yaBysH/4jrJmBioWiu5lfi8l/fJo/0+QYCfz5nt7yhGgcU92EXE09b0gOgoolG\nptFLpuANP9SwdHI5Ue78EM891XvCFtDT2+vZexQ9O3YnpvcOzimQO7XKtQsQJHuq\na5efeN8s29Z/rLRyF7sjp7MCsukCG25hduD5YjYxCHWtzk1I7XbMgxQZHF6VIxye\ns+D/kaN63DDME8QVlG+nDXajNl56QN/OIzMntqxwBFE/jXkHJNqckQ==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-oTA1QuNwJOFnxtJc6' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp0wjpjat_.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp0wjpjat_.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_5(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_str, cert_key_str = generate_cert() cert = {"cert": cert_str, "key": cert_key_str} > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_assertion=cert_str, ) tests/test_51_client.py:656: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=34800b7ad2a6a22a3570a3893899cded5ff135e10405af1f7cd70d0b044d09b8urn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==Borth4X5u9tcVqFlijOgOzPQPHuwP6OptvTkTZyimnkdndQreBrOuY2OdBeCljE2\n/toerqbbluyLHFheDvtzca1IxBMa1q8jefEqtZm1aTc5eNN/oNKt2l2kHduKbSc/\n6wyes98MNwD0s5pv1hsYpdbT4+i+RZYDy3rn/odIrds=0jjWKer7Sy8SZUu+9WFE8jau55PoVxhMOzHqKmIEGNZffYwd4u3SmTjfnuitD7xs\nvt7HNj5xPPFWBMvBHugKFN9gj7mygxX0HDwUcjyU7wm++3zSZrWvxnS3VjsDee/O\nZUuu8Q9BBdFYiSd1Ij6K7dESk3AWYV99VWcoLZohRWtI87ciEpYHNEaJ0RIrOY+B\n3o8bol/gfX2ibeppeuSeWF1Jgjzn0EzPDml5a1GNS9tpk+tIiEoJHhYUmrBxfPTp\nSjV6+npa/OVPeQ2B4d4wIy6LEdiJcKb/VB40IcQapo60BWwao/D+kxm5Z5dDc7b2\nsLuCuYpR+3EO1DpFT2O/7MpXZQnECk7J4R2DrLGZf+JlC37tvBopBiAA51XAR3Bh\nZFrdWWSKqJRSInEawDYaeuJi5MYqq9gjcr+EPL8c4sW4ITzlvq1Ksnmnp2CJe/WG\naQUqV0ufvDvqfbgksGvwTtqTD0TPsrgELUWpoSpQFw6Q8xXYBqdQSh877FiyuYZV\nOute5w5+aFhnUXuW4Jak9V1cZdRiooLBP2yIpLJ1UluDNrgqPvffG0PbocjTmQnp\nouyrTUelqIb+Ozr7X953GMXAbETmtBGOr3nFdvJYUuAEBNdO19lYo/xpyp47/wCh\n0Q6jnUBSzjFe8RH3faYGRho/UjVUqm00TmsdRn5oQE2069v2mLrGBScHPOiUL1MI\nSlYa0YGVoG1I46Ls9af1mTU0EdUIrV0PNUoomFkaJAPS+3vccpEDel9ukVgi8cfI\nPPsnnHqPuP8g14gFCdqpudlVyhmholkpyTV9C+R7K5RoYNV4aqi8p+7WK0EsqPk6\nea+mHEh4fMmlh8WBu9YMHDPyFK2EyOjesy6PAb8b+3GQQrFavePi5Wb62JPG3H5T\nh1IoVMr7X0eqDgIhvf8p565PMX1BqViSJV9d8OXOxyt6MdxPBx+0t09RK0iOCsen\ntzVwtp/yU1hTPSqGdPK25z2ulkEHUsn3wIT6vCgAr1kfx2loWVCUGLX6rhu8gI1h\n1bDgSWXaaMy3VcVYckKJZAbwGss+NSu0QO5A6jwblL+CLvyTBYGJapO1KoT6UtNH\nqxyK8MWK9dkILgP5qmGhmjoALpFRiqklK6i7WZL4MXbh9U6itAChz0mKBYTWeIvl\nrX3DEvyBglAyNNpEzXnWm8wD6SEl+BIUVTssk6il2hgEu2rCTCKBffrS19FYUL5H\nUK/hbT6GG3wCe7LGmP0dNrq1PnWhw7Ndkq7nopKz3D3HhdKzA1SMBvlI4YR0RU6D\nNue8JnsE4NPwfH4DLFP0AcMoE7u4WfBAgP61X1/QMH58u7Hb0qUEfzGoIpiW5VXI\nF+JH7TwW6zIp1ue4sQwhG2wkF/wF4frblRg+wqlXVF3IcfWbFxTTc3fc2DWJPaHk\nX2jBesda1LSmRcNnImp6B77j1jZi8kcrHm2iBgG2PIa5dp8yycNcTwoljmdd0hkL\nsnTTVyE8MU8hi/mXCN3lJCHVCA096eyPDpcZF72vGKSYFBnVgy0eCu9AYJH7KDfF\n1Q2WVBJr0Tn7gq3sGZ20s8JmZCyaIlag6OeqWwuynAF++Sh+UalCVmTKHPNNbNUE\n3KQIofan83EoNEUlBsWF7KTY171jM20npm2rynJ75ns+dTXyfrcYwfb04XF8uq6O\n+atSc3t8Dsm/YaWXVzW2TlRNqsd3+pPMnd0BkvKzfypvYfJnbLve/zreLtstjz17\nY6fD4meU1Hx/KNiNL6Gfxs4AYvvUj9xGIQLh7iBl5SrNEAymfMUAJA2WPnVH695Z\nL+RpIEijDLfI/4HHrFgbF45uNQ96d2a47b6kyVQ+ut8L7VXqseYa5SYgxK8e5ev/\nHH35gzovbiB7uw3MOTNP/1RFkpRiQeLCSZmGBQFnEtPGsC5u3axUy7+IccpCmIp4\nNv9km22dnaQAWRH6Jd/QGM3KHQidySB81iHjJYJAvinWhmJ3e2MACR9GAYovVcmd\n+9tV1swh2uiXLtcjz9rVWAwSpCfAQeYy+oxJuXNoUqtAdTyI8QmZA/tKho6BejjR\nPAg7MF2lw7bvN96f9M0KGHOtRsPQ8+3KBaLkBErhygSN8xQAnW6z1kXkBbDA4B5F\ne4k2FuNpY9XAgv8J7tvKJnBhCfPU9zguf7lT+NogDBYULeqXi4MPqzwL9C9RI4GA\np1yaBysH/4jrJmBioWiu5lfi8l/fJo/0+QYCfz5nt7yhGgcU92EXE09b0gOgoolG\nptFLpuANP9SwdHI5Ue78EM891XvCFtDT2+vZexQ9O3YnpvcOzimQO7XKtQsQJHuq\na5efeN8s29Z/rLRyF7sjp7MCsukCG25hduD5YjYxCHWtzk1I7XbMgxQZHF6VIxye\ns+D/kaN63DDME8QVlG+nDXajNl56QN/OIzMntqxwBFE/jXkHJNqckQ==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-oTA1QuNwJOFnxtJc6' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-oTA1QuNwJOFnxtJc6', '--output', '/tmp/tmpc_nzrv27.xml', '/tmp/tmp0wjpjat_.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp0wjpjat_.xml" output= __________________________ TestClient.test_response_6 __________________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=bfa28afe7f8f12942f46d0ef67f51986e042ca09a5a148be984eb0d58b7cd55durn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU5WhcNMzQxMTEyMDk0NTU5WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAtaITM3XboPHge+EXxH2iNg9UwHjLk25oxx0a0tx1HgNH1DnRXpqAKjuM\nwloDAzB3iuXrlyINg3OyCjtmRNeaC8dppC+Gy4B824scgPFtHuI408ITYrBWfiDc\nqxCWsL5lJro197CVx9++T1AlllsMCmcG+OC8EDKVS4wq0bSn/jxHK8D1/ihjt4od\nipn+7ycrsO44rSaOnS7QcwSUVLua8vdyzdTij95IYDeoU0wTJO31597ZbX5W4HV3\nudC6q6LYH7GoLx2ESHr+xoIfX0NWRk25Ql9kDqk9nwBa5gdEgRTOxnSOpx/Pjf8M\nA2MVBTHuuarRsWsVLfDsesYn6mVWeQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBACp9\nwzuf2MmCMr0keolzanVc+1Dcc+Eg9PcLpShaqVMt+YgfyzF0yvWA50UEMWgwgj5x\n3iOcYlnRr7vODaelA7I5Us/2YbkV+Pem2NYRS+nSMWMPxf+b+/J3yHMVjXZP2G1V\ngGyuyTQiwzED/d8a5GIsNRbL2V/WOTTXTz729Y+iNMQCGPrCAPWKFdSE+Bzz5XCTzDUCpBKMoDqGaCKes+tZijuPUr+o/nSCaNEuJCQp\nVqgxNUfyKg3r86y35zTbtQc7gwFfEzT7eKlTYxUB/2PFNvVgt8BXevnlVKzpEwzc\nTUI83cTA9x+KoPfNKnxBsKH/5yNe4gksUwq/Tm+PoRTay0NkoiWcTmpOLv8wvaI0\njKrxomoMMDWGYT/4cHtA737JykTaZ+a3YGbZC3LNAYNmF3THL8m+UTSCKFrwFJIl\nnhvk8A6v7j34Ges8ibCWa1V12wZBjS45BTvg6wC+0g8/gERzHtMLqsC8FnBcExR1\ng1gWosmWmjZAWUW/vQGEkA==8LbZf5ULlomIJT/x12lzRd3JQB+goLqvhUz8ID7M0CD25/7LIQvuuZ0GccekTADI\nqvCDynBCpawc9v2JxfTtyjECk3WNNsy9r0JRItV+m2avelz6YuJntHi2BE/hyzwK\n34X4YXqSDD0H8l8P10anim1DGoKWXGoOEyYfEsuAQHyhQAXtqNYSnXV9C5wtLOdo\n7u69CNV00ybcR9R32yfs+9UE86YuR3JRuImrf8f1DaSItJecDe/j5fyWrOtidf5g\nJ9Go5Tw5q/YatOLrf3ZEaNlbs5aXdeTypRwklKjUHo4RSTQ89CJrZpevNR2mlakL\nXF+yJuvMAD5XDRCkmNflYARWSLVN3Iw+vT8MuiCupQTolkLFFk/3xS/OlTGjomYq\nv0kxlu3vxM6xeL2N8KQHBTI3MOSGb0VsDVnyI0+T8NO78rmGU4dObQ01rqSgZSk2\n6pXrdt+U0jb4NT+oWXbrb0jZmlP+h2MJLngaGP//8fD0KQ8taaH4mIXJBICn+5jM\naz6QHJutPEcb5KWwW508rAD/aq/gUM6DgbQ8kO5Rwv4+ZlHstyGCpfJ7fhkZHHxF\nsNQxmMRjV/QzrBelTA5FoFLe5XrvegpgOafVtyO5njcuW1skgRj9CEgdXMiBJ+A/\nn/diBJ6xkNV32atcqlu2DGHnVDYsV+TPxYzzryvBJe591Xron41hKjMvC9p99lDr\n3pECQvQvHWsN3FQKp0RXLc1l0HVzJjyfhM0SFlLmgy4ACkjAENrFB/gV+oXyx0zL\n5oS6ospCWVp3xj40A7PyY/pKia9sg5uuKehmJI/xckWLkX8kTOv2OzmBBIBmqpd4\nW9fUmWGyhjfz359Pl1Q9AwkBImk35NKovNUYUDNyWzooy+NMixPdYNX4Ol+DytJL\n54i4s1Mrttj8HdYJE6yDC3K7pMqM7NzPXn/W+8BMPoH8j5WyEa1UoiKNkqtaOwzO\nwa7klLsriq7uT00M8ljbYAf5StefqMpra6AOPOC62f9F/tJdP3Y6tXT/1LXulX0m\nkAZIazjQi+k1EFtk2oS1BtK50+jVznIvt4Tx0sWA4xyqGuiTpkXqb+cxzvmatsgJ\nwgZn5uU/k2eOIZi462dXW1uOhyA9gCBf9gZDqswYYW9tqm0j8P1PscG1R44xqLgq\nCyQFpiiEQV67OWbfOutJawTxrSPYmI1HtdN+R3ETYEqFarv/IPbux8CyH3Rin8Dj\nrKMtN1yzN1xkgPhjKaMqCwgw5OWvdXVXE3502DWOedf46h8+xFlDiEgMc58O24t1\n/xrstqQeNO7iKgS6kCZqv+9LtSYnKhHpWQ5kCevpuM6OM0yUM6nNouIpgaIn033X\nJmxbsg4z5m2YBLKM9qTaukjkvjCyygtzmKooo8N4nOPkudDJYg27d510AoP0soI+\nc6WSOGVIPkBVadKYvMIcifyjdh1shf01CxiEXragFkJE1Naj3I0NP5PSzrmgbqKn\nV9f3ldkVYIkAQwn3WqwdRk6H7mdt1pLolw/JHMEaGRO+R3IMWtQT/Njfg1lm2x8k\nAyM3X1dkNPu8S7upvYoR5OH8c1QSQe/WwbfmwNlNWbyoFa+RxIxMIxXb1IrMkqFl\noR3EgCvTCY5j8Gwk5QjUKCCVj08MBbMF1SxUQ57rGEmajid0BHRML6vSeg8rMvvY\n2V3ueKF4P696pNPLINM1vL/YeHuO0XgYurc3prI4DyY+Wq+XQQa49/Ladow6j9/t\n9AQrgKj18b/wfa+Zt1AC4H1VZCGG/UK3w0VlwokoKNrpC0FchAdfPdKmu1+GXg2m\n33Z2zAwlTALvhYl+uKMI/XjfzAqFM01Fk3UcDAwI1kAEUMmidXc4tFESJyzSQRAp\nAWlxSzPRQmjBlsocohp+dcAJoAavbTjKO7KZ4Edf1UEaqHBNnOK/fPTbTwkWuTLl\nRTPW3dveJ43fWcn2kPIq7DP0JJUIfhFjFd8ebel28UWp937slh9KUy/MfsyP+mL3\ncNB9Q1xwUV6Whgn//YxDIwm1+gSb/JIQpZ+i7zuaorYNgqIkDOk/Ef4Kp+WQEV5A\nDIychqPN0AuQbw3Foe8C4j7RnP/J38GAO8Y+TxD0PDq48pi0ygutjY9qnmQLRicO\nQmn3ESpTa5hfChUmIsjSVzhLjBkKjG9AxuAQaPGrRvV+sVMBnM58zoGU4gfU/qwU\nscJJ1evyXXwSYEIgHcQ8agHlFkv5/aHmGewtvWRu6nP8dfZP3xKY0dADzmip4TRX\n3CgPPosja6nmbK3J/SlURqxRChRnQT4xMbhdzudS2DUkudEKxSU8p7CjYfSNrVB0\nYxzDRO5uj9a1R2pJuEnHlrzNckHoRITrwberzTqumTQ99BQK0zd+8gdFWL7dpS1y\nyV7GuL3Khe3ZIwHYYmPIykPGNEtnOEk5S3EXr9hCAl2m/RyJVz4hJA==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-VCtk3qmCtjZmuZE0q' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpl1pttpns.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpl1pttpns.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_6(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_assertion_str, cert_key_assertion_str = generate_cert() cert_assertion = {"cert": cert_assertion_str, "key": cert_key_assertion_str} cert_advice_str, cert_key_advice_str = generate_cert() cert_advice = {"cert": cert_advice_str, "key": cert_key_advice_str} > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_assertion=cert_assertion_str, encrypt_cert_advice=cert_advice_str, ) tests/test_51_client.py:699: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=bfa28afe7f8f12942f46d0ef67f51986e042ca09a5a148be984eb0d58b7cd55durn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NTU5WhcNMzQxMTEyMDk0NTU5WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAtaITM3XboPHge+EXxH2iNg9UwHjLk25oxx0a0tx1HgNH1DnRXpqAKjuM\nwloDAzB3iuXrlyINg3OyCjtmRNeaC8dppC+Gy4B824scgPFtHuI408ITYrBWfiDc\nqxCWsL5lJro197CVx9++T1AlllsMCmcG+OC8EDKVS4wq0bSn/jxHK8D1/ihjt4od\nipn+7ycrsO44rSaOnS7QcwSUVLua8vdyzdTij95IYDeoU0wTJO31597ZbX5W4HV3\nudC6q6LYH7GoLx2ESHr+xoIfX0NWRk25Ql9kDqk9nwBa5gdEgRTOxnSOpx/Pjf8M\nA2MVBTHuuarRsWsVLfDsesYn6mVWeQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBACp9\nwzuf2MmCMr0keolzanVc+1Dcc+Eg9PcLpShaqVMt+YgfyzF0yvWA50UEMWgwgj5x\n3iOcYlnRr7vODaelA7I5Us/2YbkV+Pem2NYRS+nSMWMPxf+b+/J3yHMVjXZP2G1V\ngGyuyTQiwzED/d8a5GIsNRbL2V/WOTTXTz729Y+iNMQCGPrCAPWKFdSE+Bzz5XCTzDUCpBKMoDqGaCKes+tZijuPUr+o/nSCaNEuJCQp\nVqgxNUfyKg3r86y35zTbtQc7gwFfEzT7eKlTYxUB/2PFNvVgt8BXevnlVKzpEwzc\nTUI83cTA9x+KoPfNKnxBsKH/5yNe4gksUwq/Tm+PoRTay0NkoiWcTmpOLv8wvaI0\njKrxomoMMDWGYT/4cHtA737JykTaZ+a3YGbZC3LNAYNmF3THL8m+UTSCKFrwFJIl\nnhvk8A6v7j34Ges8ibCWa1V12wZBjS45BTvg6wC+0g8/gERzHtMLqsC8FnBcExR1\ng1gWosmWmjZAWUW/vQGEkA==8LbZf5ULlomIJT/x12lzRd3JQB+goLqvhUz8ID7M0CD25/7LIQvuuZ0GccekTADI\nqvCDynBCpawc9v2JxfTtyjECk3WNNsy9r0JRItV+m2avelz6YuJntHi2BE/hyzwK\n34X4YXqSDD0H8l8P10anim1DGoKWXGoOEyYfEsuAQHyhQAXtqNYSnXV9C5wtLOdo\n7u69CNV00ybcR9R32yfs+9UE86YuR3JRuImrf8f1DaSItJecDe/j5fyWrOtidf5g\nJ9Go5Tw5q/YatOLrf3ZEaNlbs5aXdeTypRwklKjUHo4RSTQ89CJrZpevNR2mlakL\nXF+yJuvMAD5XDRCkmNflYARWSLVN3Iw+vT8MuiCupQTolkLFFk/3xS/OlTGjomYq\nv0kxlu3vxM6xeL2N8KQHBTI3MOSGb0VsDVnyI0+T8NO78rmGU4dObQ01rqSgZSk2\n6pXrdt+U0jb4NT+oWXbrb0jZmlP+h2MJLngaGP//8fD0KQ8taaH4mIXJBICn+5jM\naz6QHJutPEcb5KWwW508rAD/aq/gUM6DgbQ8kO5Rwv4+ZlHstyGCpfJ7fhkZHHxF\nsNQxmMRjV/QzrBelTA5FoFLe5XrvegpgOafVtyO5njcuW1skgRj9CEgdXMiBJ+A/\nn/diBJ6xkNV32atcqlu2DGHnVDYsV+TPxYzzryvBJe591Xron41hKjMvC9p99lDr\n3pECQvQvHWsN3FQKp0RXLc1l0HVzJjyfhM0SFlLmgy4ACkjAENrFB/gV+oXyx0zL\n5oS6ospCWVp3xj40A7PyY/pKia9sg5uuKehmJI/xckWLkX8kTOv2OzmBBIBmqpd4\nW9fUmWGyhjfz359Pl1Q9AwkBImk35NKovNUYUDNyWzooy+NMixPdYNX4Ol+DytJL\n54i4s1Mrttj8HdYJE6yDC3K7pMqM7NzPXn/W+8BMPoH8j5WyEa1UoiKNkqtaOwzO\nwa7klLsriq7uT00M8ljbYAf5StefqMpra6AOPOC62f9F/tJdP3Y6tXT/1LXulX0m\nkAZIazjQi+k1EFtk2oS1BtK50+jVznIvt4Tx0sWA4xyqGuiTpkXqb+cxzvmatsgJ\nwgZn5uU/k2eOIZi462dXW1uOhyA9gCBf9gZDqswYYW9tqm0j8P1PscG1R44xqLgq\nCyQFpiiEQV67OWbfOutJawTxrSPYmI1HtdN+R3ETYEqFarv/IPbux8CyH3Rin8Dj\nrKMtN1yzN1xkgPhjKaMqCwgw5OWvdXVXE3502DWOedf46h8+xFlDiEgMc58O24t1\n/xrstqQeNO7iKgS6kCZqv+9LtSYnKhHpWQ5kCevpuM6OM0yUM6nNouIpgaIn033X\nJmxbsg4z5m2YBLKM9qTaukjkvjCyygtzmKooo8N4nOPkudDJYg27d510AoP0soI+\nc6WSOGVIPkBVadKYvMIcifyjdh1shf01CxiEXragFkJE1Naj3I0NP5PSzrmgbqKn\nV9f3ldkVYIkAQwn3WqwdRk6H7mdt1pLolw/JHMEaGRO+R3IMWtQT/Njfg1lm2x8k\nAyM3X1dkNPu8S7upvYoR5OH8c1QSQe/WwbfmwNlNWbyoFa+RxIxMIxXb1IrMkqFl\noR3EgCvTCY5j8Gwk5QjUKCCVj08MBbMF1SxUQ57rGEmajid0BHRML6vSeg8rMvvY\n2V3ueKF4P696pNPLINM1vL/YeHuO0XgYurc3prI4DyY+Wq+XQQa49/Ladow6j9/t\n9AQrgKj18b/wfa+Zt1AC4H1VZCGG/UK3w0VlwokoKNrpC0FchAdfPdKmu1+GXg2m\n33Z2zAwlTALvhYl+uKMI/XjfzAqFM01Fk3UcDAwI1kAEUMmidXc4tFESJyzSQRAp\nAWlxSzPRQmjBlsocohp+dcAJoAavbTjKO7KZ4Edf1UEaqHBNnOK/fPTbTwkWuTLl\nRTPW3dveJ43fWcn2kPIq7DP0JJUIfhFjFd8ebel28UWp937slh9KUy/MfsyP+mL3\ncNB9Q1xwUV6Whgn//YxDIwm1+gSb/JIQpZ+i7zuaorYNgqIkDOk/Ef4Kp+WQEV5A\nDIychqPN0AuQbw3Foe8C4j7RnP/J38GAO8Y+TxD0PDq48pi0ygutjY9qnmQLRicO\nQmn3ESpTa5hfChUmIsjSVzhLjBkKjG9AxuAQaPGrRvV+sVMBnM58zoGU4gfU/qwU\nscJJ1evyXXwSYEIgHcQ8agHlFkv5/aHmGewtvWRu6nP8dfZP3xKY0dADzmip4TRX\n3CgPPosja6nmbK3J/SlURqxRChRnQT4xMbhdzudS2DUkudEKxSU8p7CjYfSNrVB0\nYxzDRO5uj9a1R2pJuEnHlrzNckHoRITrwberzTqumTQ99BQK0zd+8gdFWL7dpS1y\nyV7GuL3Khe3ZIwHYYmPIykPGNEtnOEk5S3EXr9hCAl2m/RyJVz4hJA==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-VCtk3qmCtjZmuZE0q' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-VCtk3qmCtjZmuZE0q', '--output', '/tmp/tmp64qvp6lp.xml', '/tmp/tmpl1pttpns.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpl1pttpns.xml" output= __________________________ TestClient.test_response_7 __________________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=bc12a14b52720a7b0dd6f86af91e45566a1f06bbe18da419523971e358281df6urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-tb8muekgOkbt8yEoH' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp6__3tlhq.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp6__3tlhq.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_7(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, encrypted_advice_attributes=True, ) tests/test_51_client.py:738: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=bc12a14b52720a7b0dd6f86af91e45566a1f06bbe18da419523971e358281df6urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-tb8muekgOkbt8yEoH' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-tb8muekgOkbt8yEoH', '--output', '/tmp/tmp7b12l42r.xml', '/tmp/tmp6__3tlhq.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp6__3tlhq.xml" output= __________________________ TestClient.test_response_8 __________________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=ffb1e3d279b8443f6c049f503e73360ff898ad35c78e8de7db76989a8f388822urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-b7CPdVEmATKJO5w6C' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpx0_w7crm.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpx0_w7crm.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_8(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_str, cert_key_str = generate_cert() cert = {"cert": cert_str, "key": cert_key_str} > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, encrypt_cert_assertion=cert_str, ) tests/test_51_client.py:776: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=ffb1e3d279b8443f6c049f503e73360ff898ad35c78e8de7db76989a8f388822urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-b7CPdVEmATKJO5w6C' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-b7CPdVEmATKJO5w6C', '--output', '/tmp/tmpto157otm.xml', '/tmp/tmpx0_w7crm.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpx0_w7crm.xml" output= _________________ TestClient.test_sign_then_encrypt_assertion __________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=_aaaJeterDerek' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-RLIkHbUith2sp4v0h' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp4dx0gpri.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp4dx0gpri.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_then_encrypt_assertion(self): # Begin with the IdPs side _sec = self.server.sec assertion = s_utils.assertion_factory( subject=factory(saml.Subject, text="_aaa", name_id=factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT)), attribute_statement=do_attribute_statement( { ("", "", "sn"): ("Jeter", ""), ("", "", "givenName"): ("Derek", ""), } ), issuer=self.server._issuer(), ) assertion.signature = sigver.pre_signature_part(assertion.id, _sec.my_cert, 1) > sigass = _sec.sign_statement( assertion, class_name(assertion), key_file=full_path("test.key"), node_id=assertion.id ) tests/test_51_client.py:906: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=_aaaJeterDerek' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-RLIkHbUith2sp4v0h' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-RLIkHbUith2sp4v0h', '--output', '/tmp/tmpq1je0x4h.xml', '/tmp/tmp4dx0gpri.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp4dx0gpri.xml" output= _________________ TestClient.test_sign_then_encrypt_assertion2 _________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeter' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-dPln1sBmWfdVyZLpd' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpyc6_bm_5.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpyc6_bm_5.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_then_encrypt_assertion2(self): # Begin with the IdPs side _sec = self.server.sec nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) asser = Assertion({"givenName": "Derek", "sn": "Jeter"}) farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "_012345"], ) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], ) assertion = asser.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), name_id=factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", farg=farg["assertion"], ) assertion.signature = sigver.pre_signature_part(assertion.id, _sec.my_cert, 1) > sigass = _sec.sign_statement( assertion, class_name(assertion), key_file=self.client.sec.key_file, node_id=assertion.id ) tests/test_51_client.py:979: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeter' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-dPln1sBmWfdVyZLpd' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-dPln1sBmWfdVyZLpd', '--output', '/tmp/tmp7s_s_4m6.xml', '/tmp/tmpyc6_bm_5.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpyc6_bm_5.xml" output= _____________ TestClient.test_sign_then_encrypt_assertion_advice_1 _____________ self = statement = 'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:spurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/logintest01test.testsson@test.seurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeter' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-ry5eo6xodatpCLkw8' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpnywvej89.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpnywvej89.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_then_encrypt_assertion_advice_1(self): # Begin with the IdPs side _sec = self.server.sec nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) asser = Assertion({"givenName": "Derek", "sn": "Jeter"}) subject_confirmation_specs = { "recipient": "http://lingon.catalogix.se:8087/", "in_response_to": "_012345", "subject_confirmation_method": saml.SCM_BEARER, } name_id = factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT) farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "_012345"], ) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], ) assertion = asser.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), name_id=name_id, authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", farg=farg["assertion"], ) a_asser = Assertion({"uid": "test01", "email": "test.testsson@test.se"}) a_assertion = a_asser.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_assertion.signature = sigver.pre_signature_part(a_assertion.id, _sec.my_cert, 1) assertion.advice = Advice() assertion.advice.encrypted_assertion = [] assertion.advice.encrypted_assertion.append(EncryptedAssertion()) assertion.advice.encrypted_assertion[0].add_extension_element(a_assertion) response = response_factory( in_response_to="_012345", destination="http://lingon.catalogix.se:8087/", status=s_utils.success_status_factory(), issuer=self.server._issuer(), ) response.assertion.append(assertion) > response = _sec.sign_statement( f"{response}", class_name(a_assertion), key_file=self.client.sec.key_file, node_id=a_assertion.id ) tests/test_51_client.py:1081: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:spurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/logintest01test.testsson@test.seurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeter' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-ry5eo6xodatpCLkw8' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-ry5eo6xodatpCLkw8', '--output', '/tmp/tmpaonipbri.xml', '/tmp/tmpnywvej89.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpnywvej89.xml" output= _____________ TestClient.test_sign_then_encrypt_assertion_advice_2 _____________ self = statement = 'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/logintest01urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerek' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PsG6qL4jJtVlS7sy9' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmps8fane72.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmps8fane72.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_then_encrypt_assertion_advice_2(self): # Begin with the IdPs side _sec = self.server.sec nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) asser_1 = Assertion({"givenName": "Derek"}) farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "_012345"], ) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], ) name_id = factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT) assertion_1 = asser_1.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) asser_2 = Assertion({"sn": "Jeter"}) assertion_2 = asser_2.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_asser_1 = Assertion({"uid": "test01"}) a_assertion_1 = a_asser_1.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_asser_2 = Assertion({"email": "test.testsson@test.se"}) a_assertion_2 = a_asser_2.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_asser_3 = Assertion({"street": "street"}) a_assertion_3 = a_asser_3.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_asser_4 = Assertion({"title": "title"}) a_assertion_4 = a_asser_4.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_assertion_1.signature = sigver.pre_signature_part(a_assertion_1.id, _sec.my_cert, 1) a_assertion_2.signature = sigver.pre_signature_part(a_assertion_2.id, _sec.my_cert, 1) a_assertion_3.signature = sigver.pre_signature_part(a_assertion_3.id, _sec.my_cert, 1) a_assertion_4.signature = sigver.pre_signature_part(a_assertion_4.id, _sec.my_cert, 1) assertion_1.signature = sigver.pre_signature_part(assertion_1.id, _sec.my_cert, 1) assertion_2.signature = sigver.pre_signature_part(assertion_2.id, _sec.my_cert, 1) response = response_factory( in_response_to="_012345", destination="http://lingon.catalogix.se:8087/", status=s_utils.success_status_factory(), issuer=self.server._issuer(), ) response.assertion = assertion_1 response.assertion.advice = Advice() response.assertion.advice.encrypted_assertion = [] response.assertion.advice.encrypted_assertion.append(EncryptedAssertion()) response.assertion.advice.encrypted_assertion[0].add_extension_element(a_assertion_1) advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = a_assertion_1._to_element_tree().tag response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( assertion_tag, advice_tag ) > response = _sec.sign_statement( f"{response}", class_name(a_assertion_1), key_file=self.server.sec.key_file, node_id=a_assertion_1.id ) tests/test_51_client.py:1242: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/logintest01urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerek' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-PsG6qL4jJtVlS7sy9' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PsG6qL4jJtVlS7sy9', '--output', '/tmp/tmppbk7yv70.xml', '/tmp/tmps8fane72.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmps8fane72.xml" output= ______________ TestClient.test_signed_with_default_algo_redirect _______________ self = def test_signed_with_default_algo_redirect(self): # Revert configuration change to disallow unsinged responses self.client.want_response_signed = True reqid, req = self.client.create_authn_request("http://localhost:8088/sso", message_id="id1") msg_str = str(req) > info = self.client.apply_binding( BINDING_HTTP_REDIRECT, msg_str, destination="", relay_state="relay2", sign=True, ) tests/test_51_client.py:1389: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:286: in apply_binding info = http_redirect_message( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/pack.py:182: in http_redirect_message args["Signature"] = base64.b64encode(signer.sign(string_enc)) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:521: in sign return saml2.cryptography.asymmetric.key_sign(key or self.key, msg, self.digest) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rsakey = message = b'SAMLRequest=tZRvb9owEMa%2FiuX3cf6UddQiSGxdNaSuQ4Xtxd6Z%2BIDTEjvzXSr67acYaKuKIjZtyiuf7%2FJ7nvPZI0eZnnS8cffwqwNisW1qR9pRVsouOO0NIWlnGiDNlZ5PvtzqQmW6DZ595Wv5VFCUcsPc6jQFtIYUdMG3RkGXkmnqBLYMjtA7OpT04dMQQwSB0TspptelRJtL8R1C%2F5dSFiqTYkrUwdQRG8elLLJikOR5kg8W2ZUeXOos%2ByHFNRCjMxyr9hJrX5l644n1MBsOUyIvxWxv6QM6i259Wtpyl0T682IxS2Zf5wspJge5H72jroEwh%2FCAFXy7v30Go1t7pyrDpvZr3CqCXsL7NPIf0EK4Mw3s4I2pQMPWNG0NqvJNbJkOvjbOamrleBQDsQlB3PjQGD4tu4%2BgTVYxVYNj5Ec5PoM1Sl%2BgxqN%2BbD49nWi%2FLvR%2BgsBOmAMuO4Y3N8SzR49W5%2BpCXapcDVSu3l0VFyqPXyFj3jm%2BDHPoowdnXUApbgKCs%2FXjDga2m0Eg7%2B6w%2BtnnSoHUS8MAtpQrUxNIkZ4hObbKYojUuJlYWOkjgL%2BVvzSE1R8a4ND9I%2F3zyrdgJ6sV1mh21%2B%2F%2FGDkCOn4k6Zvzlb6exPT1izb%2BDQ%3D%3D&RelayState=relay2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1' digest = def key_sign(rsakey, message, digest): """Sign the given message with the RSA key.""" padding = _asymmetric.padding.PKCS1v15() > signature = rsakey.sign(message, padding, digest) E cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by this backend for RSA signing. ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/asymmetric.py:17: UnsupportedAlgorithm __________________ TestClient.test_do_logout_signed_redirect ___________________ self = def test_do_logout_signed_redirect(self): conf = config.SPConfig() conf.load_file("sp_slo_redirect_conf") client = Saml2Client(conf) # information about the user from an IdP session_info = { "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), "ava": {"givenName": "Anders", "sn": "Andersson", "mail": "anders.andersson@example.com"}, } client.users.add_information_about_person(session_info) entity_ids = client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] > resp = client.do_logout( nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_REDIRECT ) tests/test_51_client.py:1527: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/client.py:333: in do_logout http_info = self.apply_binding( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:286: in apply_binding info = http_redirect_message( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/pack.py:182: in http_redirect_message args["Signature"] = base64.b64encode(signer.sign(string_enc)) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:521: in sign return saml2.cryptography.asymmetric.key_sign(key or self.key, msg, self.digest) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rsakey = message = b'SAMLRequest=nVLNasJAEH6VZe8xm1StHWLAIqUBq9RKD70tcaMLuzvpzoRqn74k9VBa8NDTwPD9DlMEUrDCA3a8Ne%2BdIRYn7wJBIDWXXQyAmixB0N4QcA0vi6cV5CMFbUTGGp28EEh7d52hiUxki0GKajmXdp8szod2%2BnF7Wqx39%2BfssfmU4tVEshjmMh8pKSqizlSBWAeey1zl4yTLkmy8U3cwnoJSb1IsDbENmgfWkbmFNHVYa3dEYpip2Swlh1JsjaYesrPR7KVYI2%2FCJi4aNvG39CQbpMuiLwVDiCgeMHrN1yv2G7tPmgEKJrDlsyx7hte1AXPSvnVmVKMf7gURnQ57oLZIf1hdfNfam2op%2BvHcaWcb2ydtEOU%2FsnDUgawJLMssvxlPphfHb5OySP88QvkF&RelayState=id-Aygp6w7xANTBy1Hfz%7C1731577560%7C7754ba34344d1aa3697735bd0ec1994e858a9b83&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1' digest = def key_sign(rsakey, message, digest): """Sign the given message with the RSA key.""" padding = _asymmetric.padding.PKCS1v15() > signature = rsakey.sign(message, padding, digest) E cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by this backend for RSA signing. ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/asymmetric.py:17: UnsupportedAlgorithm ______________ TestClient.test_do_logout_signed_redirect_invalid _______________ self = def test_do_logout_signed_redirect_invalid(self): conf = config.SPConfig() conf.load_file("sp_slo_redirect_conf") client = Saml2Client(conf) session_info = { "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), "ava": {"givenName": "Anders", "sn": "Andersson", "mail": "anders.andersson@example.com"}, } client.users.add_information_about_person(session_info) entity_ids = client.users.issuers_of_info(nid) > resp = client.do_logout( nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_REDIRECT, ) tests/test_51_client.py:1565: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/client.py:333: in do_logout http_info = self.apply_binding( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:286: in apply_binding info = http_redirect_message( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/pack.py:182: in http_redirect_message args["Signature"] = base64.b64encode(signer.sign(string_enc)) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:521: in sign return saml2.cryptography.asymmetric.key_sign(key or self.key, msg, self.digest) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rsakey = message = b'SAMLRequest=nVJLa8JAEP4ry941mxjFDklAECFgFe3j0Ns2rnXL7o7dmaD215ekHkoLHnoaGL7nMEUgBUt8w5a35qM1xOLsXSAIpErZxgCoyRIE7Q0BN%2FAwu19CNlRwjMjYoJNXAmnvbjM0kYlsMUhRz0tpd4PTq1q9XyanOJo9fV7Wm4UUzyaSxVDKbKikqIlaUwdiHbiUmcryQZoO0vxR3UE%2BAZW%2BSDE3xDZo7lkH5iMkicNGuwMSw1RNpwk5lGJrNHWQRxvNTooV8jqs42zPJv6WHqe9dFV0paAPEcUCo9d8u2K3sbvBvoeCCWz5IquO4XVjwJy1PzozbND394KITocd0LFIflhdfVfam3ouurFptbN72yXdI8p%2FZOGoA1kTWFZpNsrHk6vjt0lVJH8eofoC&RelayState=id-wb0Njy6wr3AUzyOQF%7C1731577561%7C21564972ad879048d12f2dd29a93f5e8ce7eedc1&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1' digest = def key_sign(rsakey, message, digest): """Sign the given message with the RSA key.""" padding = _asymmetric.padding.PKCS1v15() > signature = rsakey.sign(message, padding, digest) E cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by this backend for RSA signing. ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/asymmetric.py:17: UnsupportedAlgorithm ________________________ TestClient.test_do_logout_post ________________________ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=123456_foo' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-gzsf9frpqP1MrLxHD' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', ...] extra_args = ['/tmp/tmpr2agz_64.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpr2agz_64.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_do_logout_post(self): # information about the user from an IdP session_info = { "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), "ava": {"givenName": "Anders", "sn": "Andersson", "mail": "anders.andersson@example.com"}, "session_index": SessionIndex("_foo"), } self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] > resp = self.client.do_logout( nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_POST ) tests/test_51_client.py:1609: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/client.py:321: in do_logout req_id, request = self.create_logout_request( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:1147: in create_logout_request return self._message( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:588: in _message signed_req = self.sign( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=123456_foo' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-gzsf9frpqP1MrLxHD' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', '--node-id', 'id-gzsf9frpqP1MrLxHD', '--output', '/tmp/tmpq4_u70fn.xml', '/tmp/tmpr2agz_64.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpr2agz_64.xml" output= __________________ TestClient.test_do_logout_session_expired ___________________ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=123456_foo' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-p9jUlh2LvJafJKauM' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', ...] extra_args = ['/tmp/tmpzxmcy4ei.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpzxmcy4ei.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_do_logout_session_expired(self): # information about the user from an IdP session_info = { "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": a_while_ago(minutes=15), "ava": {"givenName": "Anders", "sn": "Andersson", "mail": "anders.andersson@example.com"}, "session_index": SessionIndex("_foo"), } self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] > resp = self.client.do_logout( nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_POST ) tests/test_51_client.py:1661: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/client.py:321: in do_logout req_id, request = self.create_logout_request( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:1147: in create_logout_request return self._message( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:588: in _message signed_req = self.sign( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=123456_foo' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-p9jUlh2LvJafJKauM' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', '--node-id', 'id-p9jUlh2LvJafJKauM', '--output', '/tmp/tmp8q8ryeho.xml', '/tmp/tmpzxmcy4ei.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpzxmcy4ei.xml" output= _______________________ TestClient.test_signature_wants ________________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idp8c6a5405d22fa41281687e38f4615fdb41a8a8ac3355ef38e478b3997ef59b90urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-KuUw8viD60Fye7YiJ' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', ...] extra_args = ['/tmp/tmp8l0b85dk.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp8l0b85dk.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signature_wants(self): ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": ["The man"]} nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) kwargs = { "identity": ava, "in_response_to": "id1", "destination": "http://lingon.catalogix.se:8087/", "sp_entity_id": "urn:mace:example.com:saml:roland:sp", "name_id_policy": nameid_policy, "userid": "foba0001@example.com", "authn": AUTHN, } outstanding = {"id1": "http://foo.example.com/service"} def create_authn_response(**kwargs): return b64encode(str(self.server.create_authn_response(**kwargs)).encode()) def parse_authn_response(response): self.client.parse_authn_request_response(response, BINDING_HTTP_POST, outstanding) def set_client_want(response, assertion, either): self.client.want_response_signed = response self.client.want_assertions_signed = assertion self.client.want_assertions_or_response_signed = either # Response is signed but assertion is not. kwargs["sign_response"] = True kwargs["sign_assertion"] = False > response = create_authn_response(**kwargs) tests/test_51_client.py:1706: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ tests/test_51_client.py:1693: in create_authn_response return b64encode(str(self.server.create_authn_response(**kwargs)).encode()) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:918: in _response return self.sign(response, to_sign=to_sign, sign_alg=sign_alg, digest_alg=digest_alg) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idp8c6a5405d22fa41281687e38f4615fdb41a8a8ac3355ef38e478b3997ef59b90urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-KuUw8viD60Fye7YiJ' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-KuUw8viD60Fye7YiJ', '--output', '/tmp/tmptcjxmq5x.xml', '/tmp/tmp8l0b85dk.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp8l0b85dk.xml" output= ________________ TestClientNonAsciiAva.test_sign_auth_request_0 ________________ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id1' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest', ...] extra_args = ['/tmp/tmpx3z06cl5.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpx3z06cl5.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_auth_request_0(self): > req_id, areq = self.client.create_authn_request("http://www.example.com/sso", sign=True, message_id="id1") tests/test_51_client.py:2023: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/client_base.py:445: in create_authn_request msg = self._message( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:588: in _message signed_req = self.sign( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id1' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest', '--node-id', 'id1', '--output', '/tmp/tmpn6ym0d3r.xml', '/tmp/tmpx3z06cl5.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpx3z06cl5.xml" output= ____________________ TestClientNonAsciiAva.test_response_1 _____________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idp8c6a5405d22fa41281687e38f4615fdb41a8a8ac3355ef38e478b3997ef59b90urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDaveConcepci\xc3\xb3nDave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-V5M9GNMsBsAtnIXek' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', ...] extra_args = ['/tmp/tmp133rdgw9.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp133rdgw9.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_1(self): IDP = "urn:mace:example.com:saml:roland:idp" ava = {"givenName": ["Dave"], "sn": ["Concepción"], "mail": ["Dave@cnr.mlb.com"], "title": ["#13"]} nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id_policy=nameid_policy, sign_response=True, userid="foba0001@example.com", authn=AUTHN, ) tests/test_51_client.py:2066: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:918: in _response return self.sign(response, to_sign=to_sign, sign_alg=sign_alg, digest_alg=digest_alg) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idp8c6a5405d22fa41281687e38f4615fdb41a8a8ac3355ef38e478b3997ef59b90urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDaveConcepci\xc3\xb3nDave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:Response' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-V5M9GNMsBsAtnIXek' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-V5M9GNMsBsAtnIXek', '--output', '/tmp/tmpfp3hsabp.xml', '/tmp/tmp133rdgw9.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp133rdgw9.xml" output= ____________________ TestClientNonAsciiAva.test_response_2 _____________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=cd6e8261fba557bf8e70bbe7ceb6d731fe6c768f1ff8a70acef74d4a1be47c90urn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NjAxWhcNMzQxMTEyMDk0NjAxWjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAsR0AU7OX0sOLz2CJghsd0OGkd9xcwaRHGkMsasrkUsfkqyWUhnGxNu5I\nwGDSOnLEZ8q+4T5Uz6mm47UyIOgTOYxN6oN0I0ADgyzXnSBs/HyrsE5aFNFH5bGl\napN8NPf6G3AW27Egh2lRYIGJtOQAtYPMSjuF1xMEDrQnblVE7saXFsrWdfLylJ2N\nAGiFb0jYQzQlqJQBx/fYxvsHeHAvHTSbwYuWK372dQTUR9RNqN1Srczezf7XJQgd\nYyMg83JRWEYPfQqhD4a7mYQz6t55ZLb6rMQiNuMcJKGqSINA43jomMXDgPw7ZCRR\npgEDPxxq4rwnE8QotQbCVd4O3GnkOwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAKxp\nRopioKFGAcDk2TRTbVAfQI0U6ZVJnGxI2+zL2iATt4qOB0beL0Z8jNlYw8ctw1oY\nW0u7L4PbW6ohkbUw5EdhRscwP0F/2ehsuqxIm6QWr6+d+S9TYPvsbzysWZ3LExlq\ndlYivZKg2ptuCW+lsv1PR4IooFEZjIP0/+cZ33yXHluW+1V6Fz0hW4NQktS66cNHx8h4fw0LhssGlc8sKvH564JWveoh75rn12fFelXZ\nTtp05LOnHZTvu0W8+1GrqDMYoujp2oHif8nZUwqq5j/7l1N741XWpyurubtfPkvH\nEY/IVJOa0u+vqYVt7uun+1Cn/uo1+BuCFKPjPAsP3jo0zLlhH6eN3ot7613BK0zd\nZ8zIhCcATgT+Gly5kDmvkKaBmHiKV5thIbTp4EY1EHCkE00ZCErrfV+JrkXniPA9\nC1pKeLWyj0DsRpLKwze5kg/D30zw6ppNwkXLB/ZVY3iMseDk7WdtmOH0LtiH/X2j\nUL09pNVPKBdmAixIGiahqg==qTcTVtGS/rusBsNngrZDce1LaniEw/M1Dm0IFgrwpgvkVzQBnDGWFzvohNJnIrcr\n7+VnrczKMY6x46jGHcSZGCUwxWAv/22W0UV7/dEQFyDPJzEUnC684w7TeU2Ih1X9\n14VIFExiqLtfljOvc6cIn9l0SrDBSRk91JhvC/KrASlX3HcPRur6Fzfadf/3F/B7\nYOTSINnxJVhPp10xQ7fKWsVG5EmrQnR+zrnxRGy4q9e7a2RijxK1xUE0ZCREFi4+\nTbrfaJ5cPHm3cJs6iySWolgJ89MMS1Vr9LsgjvUzIFLLgHPN9mMUOQbyf20CnF4z\nPRtOV+yj5b3QzDJDdTWZTzDxlNY2S6H5ExBmo9KutLYTXEONN8TznHpfCYPa+gBi\nnVkisdU12qMA6GBPviC/GoCAnHka3/gizQaduFSFZJ0mR7KUPhwrS4kNmeGnLKaX\ntLQsBpHFq0fLK9eLyr32TopYSpuRV4KwCMnpLwxHqjoruJzwuCGi8WFfVxjDghOE\nNDeR42TQ4itqxD+i40AspugJO+JBwRroQuhGJSM/9oBkdlgeEdVQcEvKZBcyArKn\nyaekrSCcbvKgLfiYYQp+EzGcqV/UfGbiAefM7Bo0907350fi13l/geJqY07vlSQ+\n/HLO883d6Lv4NqRQqaiUsWmdMR4mGfurTTk4K8q8XQepV8XLTmP8b5y892V0TIza\nQTyta+o/c72uTg49q+JIrhfF0V/Mbh2SSCdi0iytSpnH6JxdAqW/pCfQ51A3dzNa\nRPkRGA1un+6Ywrq23ugTgckrF+Wr3XWca6XHsjqGz2iVU7cspz+gFePS2WYUL9oT\nBPfS32foB1JyXz4tmJzOePPl7DDHDXQ1T+zVgeC0EBbKilEOOjEwoOZgl8Ktcclp\nQuA15Oe4Gm5N7xn3/4LSlmedmo7Ar9LIQLdZ7YMJRoE4dBGIWM/CgiPJ9AXSsj4K\nW2bAzkRKJNsK/f+D3i6BfHZRm7ND0Afa4aCfnFwcBFkPa1SO+X8p4gDl29QchlTI\n31qerhqm8R6jaU8eGPyJSwPLN1j0jQfG3bmU2lvM1gS7G9OSoKEJ0gwH21sjLzZG\nzlSqPjzlUDnZnCWjODUqdbO3/Vg49+EzSCSxH8/rhPS7r8gSCPprh7EXB48QpRJU\nb4D49GZaI+UMD4laEua8up3sw1Etotj5A7NS1TSFQOd5nIow7NxbKtIZceFAKTlP\n9aCRJKQFlCmn1uwGHmtcqvRy18S7by/nRFd7hDj32jaBgsfj0yd5i7FW3hzHttcL\nW15mqge+kh9q7QPMBWHT+0ybgWYj3V3DnViTdB6agKnS9+s+l1sdhckkm7l3aDFN\nqKNUhDUOd47TSQHBoxcjOL+6My9CQVlHN/vLKODnP4Jundp7fW1od8stTXNkRyOq\nO2xeqTIHCX/eceqLG5rohoUFh/GGNfEq4CNw+fXuPwBulbU4t6/wh1uQ+87YmzB7\nLQdnGqHsn/5ezuRQdxCeY+DJ9PqnIYo9HSCe+T9r1PDIbogAFzDX0OUHljXvP2M6\n2lMNl/chjctdfroFDmDOEzHj6tBbYpuouc0hSMVNsSqUM1Rx0VjZtM+toRxX6Sn2\njoWyUPE3sx0BuVBNDR/qauWkOn2KBvwFkk/Czxad3RqzrTpvd38+6GRmxc+DhCfe\ncOU44EhPm41oZ+Vwj2+ChuovnAkEDH558PPgRv7UT//wO8TBr8qyj48x7U96+TfC\novWlm4ib+WPq/h3XoDCi5kFTGXqlWuABsGwOdJF0+r/k2KwsqgrJ0ux6kNacYlzv\nM2z3uCLZmPzs+aOyRHE3Itv7vUrq0+k7YEBKAA03ISW8QHsBd/tN8qVbvWxaPzDk\nlgcdsHdxdCqNYNDH5Jwu5hA8BoEEhd99LQhHn+qst9OB74uCPn6GZ4FhCspIq66b\nGhSmvjqSb6n5+G9OOs7qde51cBD9J2+SJdq6ZCxUShE62JNoPoO9SCP1VE8HRNXp\nkd74wtbE35aoZNsmbCNO7mz7nyGf33W4gMGn/BoFConsk4i4HhLciCmWTaAxqPef\nfdj+UCjLHTo75AIDPNsjCP7eyW4VT5PL89u6+GmlIf4uc3llyNrJ+e179kPbVWec\n95FDdeL4os+9KgXtRd8IA+YcJkK/nMO03CWdfQdnx7xDVj2iA/a/xnEkX/ovkiGn\nycUOeJuVBvotVOporX0RD+/j7CE0t4KXi2G1ONc4smnhXiexX7yWIJkxkQSmrD3N\nXvFhR+RKPCiKcY1yBd1tr00jYfQaqeMkiZPGEzAS9Ow/3u7CP+NqxidhHIYOadNF\nPm1Mb0YDBXVMAr36vi6JGuFCfaTApZfPcNNtvF1+Sn3osoTIVeijHxbAqPuOBKga\nMsGICwWt0zf9CRh/qPIi7ColYObHfkf1GXO+jITnVnnS8u6z00IDGA==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-VReVMkBGxu21YaP5a' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpf815t6h6.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpf815t6h6.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_2(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() cert_str, cert_key_str = generate_cert() cert = {"cert": cert_str, "key": cert_key_str} self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=False, encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice=cert_str, ) tests/test_51_client.py:2146: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:907: in _response response = signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=cd6e8261fba557bf8e70bbe7ceb6d731fe6c768f1ff8a70acef74d4a1be47c90urn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NjAxWhcNMzQxMTEyMDk0NjAxWjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAsR0AU7OX0sOLz2CJghsd0OGkd9xcwaRHGkMsasrkUsfkqyWUhnGxNu5I\nwGDSOnLEZ8q+4T5Uz6mm47UyIOgTOYxN6oN0I0ADgyzXnSBs/HyrsE5aFNFH5bGl\napN8NPf6G3AW27Egh2lRYIGJtOQAtYPMSjuF1xMEDrQnblVE7saXFsrWdfLylJ2N\nAGiFb0jYQzQlqJQBx/fYxvsHeHAvHTSbwYuWK372dQTUR9RNqN1Srczezf7XJQgd\nYyMg83JRWEYPfQqhD4a7mYQz6t55ZLb6rMQiNuMcJKGqSINA43jomMXDgPw7ZCRR\npgEDPxxq4rwnE8QotQbCVd4O3GnkOwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAKxp\nRopioKFGAcDk2TRTbVAfQI0U6ZVJnGxI2+zL2iATt4qOB0beL0Z8jNlYw8ctw1oY\nW0u7L4PbW6ohkbUw5EdhRscwP0F/2ehsuqxIm6QWr6+d+S9TYPvsbzysWZ3LExlq\ndlYivZKg2ptuCW+lsv1PR4IooFEZjIP0/+cZ33yXHluW+1V6Fz0hW4NQktS66cNHx8h4fw0LhssGlc8sKvH564JWveoh75rn12fFelXZ\nTtp05LOnHZTvu0W8+1GrqDMYoujp2oHif8nZUwqq5j/7l1N741XWpyurubtfPkvH\nEY/IVJOa0u+vqYVt7uun+1Cn/uo1+BuCFKPjPAsP3jo0zLlhH6eN3ot7613BK0zd\nZ8zIhCcATgT+Gly5kDmvkKaBmHiKV5thIbTp4EY1EHCkE00ZCErrfV+JrkXniPA9\nC1pKeLWyj0DsRpLKwze5kg/D30zw6ppNwkXLB/ZVY3iMseDk7WdtmOH0LtiH/X2j\nUL09pNVPKBdmAixIGiahqg==qTcTVtGS/rusBsNngrZDce1LaniEw/M1Dm0IFgrwpgvkVzQBnDGWFzvohNJnIrcr\n7+VnrczKMY6x46jGHcSZGCUwxWAv/22W0UV7/dEQFyDPJzEUnC684w7TeU2Ih1X9\n14VIFExiqLtfljOvc6cIn9l0SrDBSRk91JhvC/KrASlX3HcPRur6Fzfadf/3F/B7\nYOTSINnxJVhPp10xQ7fKWsVG5EmrQnR+zrnxRGy4q9e7a2RijxK1xUE0ZCREFi4+\nTbrfaJ5cPHm3cJs6iySWolgJ89MMS1Vr9LsgjvUzIFLLgHPN9mMUOQbyf20CnF4z\nPRtOV+yj5b3QzDJDdTWZTzDxlNY2S6H5ExBmo9KutLYTXEONN8TznHpfCYPa+gBi\nnVkisdU12qMA6GBPviC/GoCAnHka3/gizQaduFSFZJ0mR7KUPhwrS4kNmeGnLKaX\ntLQsBpHFq0fLK9eLyr32TopYSpuRV4KwCMnpLwxHqjoruJzwuCGi8WFfVxjDghOE\nNDeR42TQ4itqxD+i40AspugJO+JBwRroQuhGJSM/9oBkdlgeEdVQcEvKZBcyArKn\nyaekrSCcbvKgLfiYYQp+EzGcqV/UfGbiAefM7Bo0907350fi13l/geJqY07vlSQ+\n/HLO883d6Lv4NqRQqaiUsWmdMR4mGfurTTk4K8q8XQepV8XLTmP8b5y892V0TIza\nQTyta+o/c72uTg49q+JIrhfF0V/Mbh2SSCdi0iytSpnH6JxdAqW/pCfQ51A3dzNa\nRPkRGA1un+6Ywrq23ugTgckrF+Wr3XWca6XHsjqGz2iVU7cspz+gFePS2WYUL9oT\nBPfS32foB1JyXz4tmJzOePPl7DDHDXQ1T+zVgeC0EBbKilEOOjEwoOZgl8Ktcclp\nQuA15Oe4Gm5N7xn3/4LSlmedmo7Ar9LIQLdZ7YMJRoE4dBGIWM/CgiPJ9AXSsj4K\nW2bAzkRKJNsK/f+D3i6BfHZRm7ND0Afa4aCfnFwcBFkPa1SO+X8p4gDl29QchlTI\n31qerhqm8R6jaU8eGPyJSwPLN1j0jQfG3bmU2lvM1gS7G9OSoKEJ0gwH21sjLzZG\nzlSqPjzlUDnZnCWjODUqdbO3/Vg49+EzSCSxH8/rhPS7r8gSCPprh7EXB48QpRJU\nb4D49GZaI+UMD4laEua8up3sw1Etotj5A7NS1TSFQOd5nIow7NxbKtIZceFAKTlP\n9aCRJKQFlCmn1uwGHmtcqvRy18S7by/nRFd7hDj32jaBgsfj0yd5i7FW3hzHttcL\nW15mqge+kh9q7QPMBWHT+0ybgWYj3V3DnViTdB6agKnS9+s+l1sdhckkm7l3aDFN\nqKNUhDUOd47TSQHBoxcjOL+6My9CQVlHN/vLKODnP4Jundp7fW1od8stTXNkRyOq\nO2xeqTIHCX/eceqLG5rohoUFh/GGNfEq4CNw+fXuPwBulbU4t6/wh1uQ+87YmzB7\nLQdnGqHsn/5ezuRQdxCeY+DJ9PqnIYo9HSCe+T9r1PDIbogAFzDX0OUHljXvP2M6\n2lMNl/chjctdfroFDmDOEzHj6tBbYpuouc0hSMVNsSqUM1Rx0VjZtM+toRxX6Sn2\njoWyUPE3sx0BuVBNDR/qauWkOn2KBvwFkk/Czxad3RqzrTpvd38+6GRmxc+DhCfe\ncOU44EhPm41oZ+Vwj2+ChuovnAkEDH558PPgRv7UT//wO8TBr8qyj48x7U96+TfC\novWlm4ib+WPq/h3XoDCi5kFTGXqlWuABsGwOdJF0+r/k2KwsqgrJ0ux6kNacYlzv\nM2z3uCLZmPzs+aOyRHE3Itv7vUrq0+k7YEBKAA03ISW8QHsBd/tN8qVbvWxaPzDk\nlgcdsHdxdCqNYNDH5Jwu5hA8BoEEhd99LQhHn+qst9OB74uCPn6GZ4FhCspIq66b\nGhSmvjqSb6n5+G9OOs7qde51cBD9J2+SJdq6ZCxUShE62JNoPoO9SCP1VE8HRNXp\nkd74wtbE35aoZNsmbCNO7mz7nyGf33W4gMGn/BoFConsk4i4HhLciCmWTaAxqPef\nfdj+UCjLHTo75AIDPNsjCP7eyW4VT5PL89u6+GmlIf4uc3llyNrJ+e179kPbVWec\n95FDdeL4os+9KgXtRd8IA+YcJkK/nMO03CWdfQdnx7xDVj2iA/a/xnEkX/ovkiGn\nycUOeJuVBvotVOporX0RD+/j7CE0t4KXi2G1ONc4smnhXiexX7yWIJkxkQSmrD3N\nXvFhR+RKPCiKcY1yBd1tr00jYfQaqeMkiZPGEzAS9Ow/3u7CP+NqxidhHIYOadNF\nPm1Mb0YDBXVMAr36vi6JGuFCfaTApZfPcNNtvF1+Sn3osoTIVeijHxbAqPuOBKga\nMsGICwWt0zf9CRh/qPIi7ColYObHfkf1GXO+jITnVnnS8u6z00IDGA==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-VReVMkBGxu21YaP5a' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-VReVMkBGxu21YaP5a', '--output', '/tmp/tmpc_sp8ost.xml', '/tmp/tmpf815t6h6.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpf815t6h6.xml" output= ____________________ TestClientNonAsciiAva.test_response_3 _____________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=d2afc2793c9d83efc1e8cb5619374074b191d66fe25cab63060a148f004e45c1urn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==RE5oaUWRI7LqFNQqmeu9GCiXfuto4fCbs2qF9qhsSSjJOoHuzsuFhw4aSPjyiezv\nbJvj2Xn2wlKLdEwkvEfGuHUrGI439+2uXdm/7fGPs1RPDWwBmUPiabLsi3NPIFsv\n3AGxzKaR6fa4B43JQWK+c+/yVAPyTsoNtWfMSpGVrYg=0LwyuHld0QI0S6VzK/WAi0DUvgyPB7APjvyKHQeSsoe61+jS2bqxkaEWYPNf+eBx\n/sd/6lpeam7iN6W6Ltj2uiQMaW/MoQqo9S0YMbrLgn+XU/Qch+k47SOqiqhX/kK7\n1i1LdAQAM71HnKS2SIPY1wmbC6qMEQ/pJHl0P8cS4H3RkajgyeEq3XO/eAccEjqg\ncAfZzvVlFa0oAwxmVk6myWbq+etPAmooz9dfK0OuAXJV9bwzmwJjFmxJ9zyvs5Ei\n+1zimfB8aGAwQhvOZ35g52A6seIfclxCfWmXwEGux5CQKda1z6v6nNAB1KjlRBQu\nWRK4KECpLQcRJ1YutjllHcFkCKDZ17d4+XO37trDwtEDSFXxr5akg8U1OCxGvKRg\n4NpGJacGHGocNtnHL9SmhyDTWwTh7wxbmyHLO2i0hgXs2JanSG47GlK+otXJdAGb\nG6KsBq7hXeG5asjgtG4bXGH/ude6rxfYiA+3CXFw/vn9UgYs41mp9c+1a+eRjg7K\nBT0jdmoBPDFnr3Tkz/JHwFBb1IopgH1SN37Onzs8GAWZUpF3PbPTnbxXV5Io7Y5H\nX04HC8wOb7yVdesYGgRhQj6siMKk8TuKQnEzfxYmP8RPVDSQVwTDIzefIKiJJU4S\nr/roPPmnDYreOamJ/GIJHabLbd3lYn3J9jr+Nvh9pjRehVgfIfnUjp6GIGbIoHsT\nsxFlBeAdYY7YfnSFYGGJ/yWNY0RrlqNOsAVdaiYzlNQFBSMCek6HoiRIeDesRXmN\ncnlvPQ2qX75gmsWMmwuJ6giHZdGpC67B1dq3dZ6WNzLW694uFwDGMeedJQHK68Qf\nh08w4Gvg6v10wh8ZBxKEyic+RcjM34BymF3du0Uu/G+jUDp1Kmx3QsJ7OIfNB+FH\nNMjZMg3X9d4jQimTCM2ITY52rkfn5hrH8pJf+bh1jEKlrzX6RMosx+Fo9EMbLuW+\nZJxbktT/YQX6iA4snG/QQ+ij5I92ruPzbX4aNm1PMXNNss262YidzkXKlmV6IFgU\noSTtAeGHDoLb1b8Hm0L/A35shEV9nPeQ/8ROXmXYdT3vMvDPrr4eXZJJYEX9EUL2\nsexYntvWsR0gEPy/dfU8yJXjDJFSIHs+idTz7BHoM8pKN4OAAU97VHB911DS0jzZ\nb1toV7N4axGkbWMXrui2jrUGO+NNXE9yiQMEnfIZohSxWmKEBapNCPO/+Pzc/mGa\nQAnkgUm37/jpozep6YPOfhyIH2m/GMpHyaH+sPhoXtZtptscP50GrVDGhUqe+p4m\nNNeOGRXlJz+43CIBVbT4n6tLRJSlD+nn0i3aAOodB2Bs+mrSVitPbUUryOEcDfHb\n2adT1nyFn2i+BhTB3Qprf1svp7o2EFK+vGlHB1WWmXOX3dPGFo1oRxaB1tvTuDtl\nGoqq0jslMCsBNR8vWOpfC+Q/k3Sav0H32H8UxhEzgxeaSJng7UMgB645f5MEWIjh\nhjXj6qnOCeWtxhcm8WKdsaYr+UwyAqQTRQo6/QlpncxaD7oXDwRRC4m4Zci7aZiT\nsGsqiiVFGPYB9+2/wytewnA3AVHVO/0j/3BWCIF7EB/xp86LLDUkyTiXuob8irA3\ngxR/eda7Kbxb/RUJcETIPFF0iXbyPZvS4V2vc/BoSfb0usFgw0nGiJ2ay8pCNq69\nemV+7Txrpn0tF6yc55rOYm5j+LAC5mvHRc8NYpdX9xJJ+bmkB1ZWeQXKO0sqiXm9\n+cPID2FG1EyTQN2L8Xcm6mr4HOOpaa6hcxBvU/QdxrScVUNgZCh9yy1PXaDIfShD\nKNWO8QjvQbUHfgDJehI1NvJcaqadn4SRjWX2dlWFMLd9gQXfWZ75Mq4zuY0Z7KLt\nw35Ab+mn5HGM0QLAi2S9yeOoib0WolXnnTdryF2dab85mkpa0WDPpXfq9BquLa+U\n7rRIazVjezfBmt2TUr3uLal61fHoKFdyUX9DW9hAJpTYKkRObRvnUPDVbE6B/P47\n29Sgjn5zxkG1hgqAKq01eWZX36NerqRyipyYqD1Mwjrqc6biyEIeS4/VNe3sHCas\nAyJv9zeucQezCFF8aSLuPSbHooqWlcrsRvsUeNU1KIqvARGX9LCMkROvHqYyVnSu\nI211nsP7Jk56PFT3y1FJe43CzzsMrmw3s99G2xlqciPRtiHtIBnAxB2PdfDMsnIt\nzv3KGHssZcmeoJADFyED1Jsfp6GFeYFh8UlM3CBK1GkBYdATxLKbm71r+h04RJW6\nWEkTM/Kda3LhCn9HAydFh1PvGLGo1RgOUrvt0kFNa2l+8M+5SzEiw6H5tGVy1psY\nxPYxmKxMJbmGOCWkrD+mNPX+eu2LDxPtklSHFyJxRmYUapXYE82jxGAWI7oKUCkq\nCnbOtZ4jdUwpb/NN2yOdw41/fCUD7p78cHhytzakfyLR/jo9zw6Tjw==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-WmXXdTckrSIud5ymd' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpfjwflnt2.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpfjwflnt2.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_3(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=False, encrypt_assertion_self_contained=True, pefim=True, ) tests/test_51_client.py:2181: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:907: in _response response = signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=d2afc2793c9d83efc1e8cb5619374074b191d66fe25cab63060a148f004e45c1urn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==RE5oaUWRI7LqFNQqmeu9GCiXfuto4fCbs2qF9qhsSSjJOoHuzsuFhw4aSPjyiezv\nbJvj2Xn2wlKLdEwkvEfGuHUrGI439+2uXdm/7fGPs1RPDWwBmUPiabLsi3NPIFsv\n3AGxzKaR6fa4B43JQWK+c+/yVAPyTsoNtWfMSpGVrYg=0LwyuHld0QI0S6VzK/WAi0DUvgyPB7APjvyKHQeSsoe61+jS2bqxkaEWYPNf+eBx\n/sd/6lpeam7iN6W6Ltj2uiQMaW/MoQqo9S0YMbrLgn+XU/Qch+k47SOqiqhX/kK7\n1i1LdAQAM71HnKS2SIPY1wmbC6qMEQ/pJHl0P8cS4H3RkajgyeEq3XO/eAccEjqg\ncAfZzvVlFa0oAwxmVk6myWbq+etPAmooz9dfK0OuAXJV9bwzmwJjFmxJ9zyvs5Ei\n+1zimfB8aGAwQhvOZ35g52A6seIfclxCfWmXwEGux5CQKda1z6v6nNAB1KjlRBQu\nWRK4KECpLQcRJ1YutjllHcFkCKDZ17d4+XO37trDwtEDSFXxr5akg8U1OCxGvKRg\n4NpGJacGHGocNtnHL9SmhyDTWwTh7wxbmyHLO2i0hgXs2JanSG47GlK+otXJdAGb\nG6KsBq7hXeG5asjgtG4bXGH/ude6rxfYiA+3CXFw/vn9UgYs41mp9c+1a+eRjg7K\nBT0jdmoBPDFnr3Tkz/JHwFBb1IopgH1SN37Onzs8GAWZUpF3PbPTnbxXV5Io7Y5H\nX04HC8wOb7yVdesYGgRhQj6siMKk8TuKQnEzfxYmP8RPVDSQVwTDIzefIKiJJU4S\nr/roPPmnDYreOamJ/GIJHabLbd3lYn3J9jr+Nvh9pjRehVgfIfnUjp6GIGbIoHsT\nsxFlBeAdYY7YfnSFYGGJ/yWNY0RrlqNOsAVdaiYzlNQFBSMCek6HoiRIeDesRXmN\ncnlvPQ2qX75gmsWMmwuJ6giHZdGpC67B1dq3dZ6WNzLW694uFwDGMeedJQHK68Qf\nh08w4Gvg6v10wh8ZBxKEyic+RcjM34BymF3du0Uu/G+jUDp1Kmx3QsJ7OIfNB+FH\nNMjZMg3X9d4jQimTCM2ITY52rkfn5hrH8pJf+bh1jEKlrzX6RMosx+Fo9EMbLuW+\nZJxbktT/YQX6iA4snG/QQ+ij5I92ruPzbX4aNm1PMXNNss262YidzkXKlmV6IFgU\noSTtAeGHDoLb1b8Hm0L/A35shEV9nPeQ/8ROXmXYdT3vMvDPrr4eXZJJYEX9EUL2\nsexYntvWsR0gEPy/dfU8yJXjDJFSIHs+idTz7BHoM8pKN4OAAU97VHB911DS0jzZ\nb1toV7N4axGkbWMXrui2jrUGO+NNXE9yiQMEnfIZohSxWmKEBapNCPO/+Pzc/mGa\nQAnkgUm37/jpozep6YPOfhyIH2m/GMpHyaH+sPhoXtZtptscP50GrVDGhUqe+p4m\nNNeOGRXlJz+43CIBVbT4n6tLRJSlD+nn0i3aAOodB2Bs+mrSVitPbUUryOEcDfHb\n2adT1nyFn2i+BhTB3Qprf1svp7o2EFK+vGlHB1WWmXOX3dPGFo1oRxaB1tvTuDtl\nGoqq0jslMCsBNR8vWOpfC+Q/k3Sav0H32H8UxhEzgxeaSJng7UMgB645f5MEWIjh\nhjXj6qnOCeWtxhcm8WKdsaYr+UwyAqQTRQo6/QlpncxaD7oXDwRRC4m4Zci7aZiT\nsGsqiiVFGPYB9+2/wytewnA3AVHVO/0j/3BWCIF7EB/xp86LLDUkyTiXuob8irA3\ngxR/eda7Kbxb/RUJcETIPFF0iXbyPZvS4V2vc/BoSfb0usFgw0nGiJ2ay8pCNq69\nemV+7Txrpn0tF6yc55rOYm5j+LAC5mvHRc8NYpdX9xJJ+bmkB1ZWeQXKO0sqiXm9\n+cPID2FG1EyTQN2L8Xcm6mr4HOOpaa6hcxBvU/QdxrScVUNgZCh9yy1PXaDIfShD\nKNWO8QjvQbUHfgDJehI1NvJcaqadn4SRjWX2dlWFMLd9gQXfWZ75Mq4zuY0Z7KLt\nw35Ab+mn5HGM0QLAi2S9yeOoib0WolXnnTdryF2dab85mkpa0WDPpXfq9BquLa+U\n7rRIazVjezfBmt2TUr3uLal61fHoKFdyUX9DW9hAJpTYKkRObRvnUPDVbE6B/P47\n29Sgjn5zxkG1hgqAKq01eWZX36NerqRyipyYqD1Mwjrqc6biyEIeS4/VNe3sHCas\nAyJv9zeucQezCFF8aSLuPSbHooqWlcrsRvsUeNU1KIqvARGX9LCMkROvHqYyVnSu\nI211nsP7Jk56PFT3y1FJe43CzzsMrmw3s99G2xlqciPRtiHtIBnAxB2PdfDMsnIt\nzv3KGHssZcmeoJADFyED1Jsfp6GFeYFh8UlM3CBK1GkBYdATxLKbm71r+h04RJW6\nWEkTM/Kda3LhCn9HAydFh1PvGLGo1RgOUrvt0kFNa2l+8M+5SzEiw6H5tGVy1psY\nxPYxmKxMJbmGOCWkrD+mNPX+eu2LDxPtklSHFyJxRmYUapXYE82jxGAWI7oKUCkq\nCnbOtZ4jdUwpb/NN2yOdw41/fCUD7p78cHhytzakfyLR/jo9zw6Tjw==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-WmXXdTckrSIud5ymd' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-WmXXdTckrSIud5ymd', '--output', '/tmp/tmptbb0fhs4.xml', '/tmp/tmpfjwflnt2.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpfjwflnt2.xml" output= ____________________ TestClientNonAsciiAva.test_response_4 _____________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=fce8a25d53a7db0436d7ba0be3a7ce876442f939c36e183d44cdd9cb65e37accurn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==oqT0vQbAi7A8pDU/qQq0Zy450bWgyVMzQdYoj2zbYrG+o1ZYqE75skrn/DnCqHqo\neMVEvFNrbIESPIICd2LFhnqi+7JZMDCZ/rcoZFt8O1V2JODPq+eTxnckQ8fmRNre\naGWjTQD0Ulj32rDQRRHLUbIhneppIzJAJAGzywgpMkE=lYZYJkl4F02eMXsFz1y4PqDM0izG/bl84G4hKQqZW2Qs+2sKa0Y43CK1ARBhGRty\nQMozL5ufao15eRNjnra9sAZrC6tNZy4+6xFOmzGO2ZHWxPvRG8DaJjFfRKz09x4H\nDeXt78VoGvJQFhOVFEHiOljBsN+UPv5iTBUG9UQo+/xKIJs2ujkQfrl/gH51CCv6\nPzF7v/Uubx5/O4XIX/7LRvy9weFpsOU8wByJJ1P+kkCNkwDWe3ER556YeNrfwnJr\naKh+FmQ8vu5yevP9KnzenUu0jSk4/+ALP50jwfI1P0c/f/27Wd6sx5iYdg9MTO37\n4rv2UDc/7g+yWRm8SzIgsPAZhV1u5vDrN++sYNvlxG9lvczZHnJ6h5TGne5UoJRh\n8W9CqYc9FhTLhVsC80nUTI4a+AEpzkLS3TVmfEC2nSUOdsE8TuTSikrdR8TV0aMT\nnulPGaGzMHA0Z7KToXwJxOOQcKd+QswGyECa7UJih2MCNfN7rHLr6lQwWTbUcQAD\nFyeCqJUx/FFFkCHcZWE/tB5W1aHX9EuC0CtBf08NKfuEPHw7/dk/FZxo1ICazi2L\nIhTJQvp/icZzj1P3roii48NX6Np4V/pj1tzoEmLIGISTuc8fo9SbxPObocMgyjNa\nGHvay9cdxKJX+2e/EWP/vkeogbNhvLPSKLqaIJee8QbY3SaLfIQX2uHqes7L9ZMS\nnO6XvxlbhQfTpe+EOJKFYg80YvF7Zr6pF3l8MdVHXcsfypE7w1WfhVRAEMGSRFlc\nF0BFB9CyjNjgf309K9y1ggdE2jSCeIlD+XMwSqJCs3uQUY4jpoo42+J+8y/T8BFY\nan/MyIvGs+hexa8/AUM6av1E86pb4/YcB74AM2SEAogP/kJfy+nHQRZdhJBeomP4\nZR/JsVNxfhXAcMhUJy6KgLC/VLLjpuMF7QINk2lY3Hf29Vp7XpLxiAxHVXPVc2V/\nBBz4OB+MC5SeWRENgBPpgtrW6n9JtpJFo1DhnoIp67ABnkY+qexTlQcP6brX3gvu\n8+ulTWEfNUQSynCYHtRr/4sChSXZjV4oPzhL1oAelt4GNfBu7QPzCFuJJEvlmseJ\nuuQE1MMPbwY18MdG8Ua/kvod/GSdOxRv4K9Da/Yy0sBHdnjWjpDT3m6j27t1H7KK\nlKgvznYuYIL7Sf5lA1EtJ/5sO7HZsUP00BPZpv+6afQ/qMDovzkVt2imVOdUS4Va\ni+CRO31WD9ApdFlP1TVrnaJzk/USJ5PKQvs6aAbHXL6CkiOfb6J2GwKBFYypCNqp\nYTC4h3Y71UrXp8miwMQXXHUQGSvvB80udlJK7EYvEym9wA98mZry2VzYSiRIGVTr\nQ3HFoowXIOto2YDqtDkHY/tTDvwzfsLpogeFObqbDVm8PDLpMgGN75kveOgGmWcf\nCKHqPrm6Wb6stVXfgHIP10vI9n85vwU76xDpvT3XbK/EmQ7Gi+XISB2KGVq0RZ5C\nA5kZZU/WnUai/JiTC8JjaSNcVYNsU2+nMoYzM0CoLC4X0y7DDyCkzcNYEEywEnD4\non1UZhjWm625D3alp3G+IkF/1hXIJ3KvhjrENMwdtuCWyudcaWOm3qHPfjDHC/VX\nuUweEV6WIloC3fOm5v0afkBtlovKkBQN/1VcD6IasTE5oM5oletuE8rEMDjp/2pZ\nHUSKhVu6oCBln/ulJll88nRZbleeWcezzhlYOpsbr/+95EvkB6d4yutEsf1Mf07i\nR07E1JnKl+Dz0xfuBRspAHZOW5h9D7y8jaJLB/uOmslybNHgsuE8T/Oc/mU9qY8N\nNIn8gG+L6mR9dHlLPbI2Rw5d8Bv2FCQB1xOFichrWXqjB8X2MNZdTdN4WILm0mSA\nydiuJBCLZunxyn08gNX+nuwT+PltQBr09j7G7X6L5l3wViZTX7cflR0UTKQnBl5W\nJlGbmusOgqCXcU5NO2lh6bb4sKkPlxudNUKb8WhTdGJn8HjFAU9o/N8jehuhHvEW\n7Nigm4XV1dbrdrk8toxbyyT6N2grOSo3E34U5ZyCdwJfI2dABdtbybGxhIl/RvNC\nHCoY8GRw0syogM9vm2tnPoaacBoO0P0UjV1YLEDoIUavr/4UTCrdv3OYmBcYMSsR\njEvwxEbd7HojFqF20qQW8lrfdqcThHBiDgpsQJsODicOO7Kw247MxOSYUrdlQ3/I\nMkRLyGbNCxDFHTOqG8EJi60XsFsn57g41z3B4sju4wUH1hdld3BYVljNHGUk3iQ8\nLbIpXQPXHbFWZD7k133G5BIoG9gzswHjyh9jwelMYoSURxaS3MVVz9W4v4njQojS\n0GgztYh+r5/2QAufnzDXbnJpafpdVTAvCsOL+ztHteoedb3qWRvVbpHzrLeyeHDq\nmmaK3Ux3Q7VrKWKa7uUaM4nVx9OfnZf1pEVo53BPuhR4FOUy9G73vA==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-04iESq0zhEQS3bLpu' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpavt1085_.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpavt1085_.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_4(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, pefim=True, ) tests/test_51_client.py:2215: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=fce8a25d53a7db0436d7ba0be3a7ce876442f939c36e183d44cdd9cb65e37accurn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==oqT0vQbAi7A8pDU/qQq0Zy450bWgyVMzQdYoj2zbYrG+o1ZYqE75skrn/DnCqHqo\neMVEvFNrbIESPIICd2LFhnqi+7JZMDCZ/rcoZFt8O1V2JODPq+eTxnckQ8fmRNre\naGWjTQD0Ulj32rDQRRHLUbIhneppIzJAJAGzywgpMkE=lYZYJkl4F02eMXsFz1y4PqDM0izG/bl84G4hKQqZW2Qs+2sKa0Y43CK1ARBhGRty\nQMozL5ufao15eRNjnra9sAZrC6tNZy4+6xFOmzGO2ZHWxPvRG8DaJjFfRKz09x4H\nDeXt78VoGvJQFhOVFEHiOljBsN+UPv5iTBUG9UQo+/xKIJs2ujkQfrl/gH51CCv6\nPzF7v/Uubx5/O4XIX/7LRvy9weFpsOU8wByJJ1P+kkCNkwDWe3ER556YeNrfwnJr\naKh+FmQ8vu5yevP9KnzenUu0jSk4/+ALP50jwfI1P0c/f/27Wd6sx5iYdg9MTO37\n4rv2UDc/7g+yWRm8SzIgsPAZhV1u5vDrN++sYNvlxG9lvczZHnJ6h5TGne5UoJRh\n8W9CqYc9FhTLhVsC80nUTI4a+AEpzkLS3TVmfEC2nSUOdsE8TuTSikrdR8TV0aMT\nnulPGaGzMHA0Z7KToXwJxOOQcKd+QswGyECa7UJih2MCNfN7rHLr6lQwWTbUcQAD\nFyeCqJUx/FFFkCHcZWE/tB5W1aHX9EuC0CtBf08NKfuEPHw7/dk/FZxo1ICazi2L\nIhTJQvp/icZzj1P3roii48NX6Np4V/pj1tzoEmLIGISTuc8fo9SbxPObocMgyjNa\nGHvay9cdxKJX+2e/EWP/vkeogbNhvLPSKLqaIJee8QbY3SaLfIQX2uHqes7L9ZMS\nnO6XvxlbhQfTpe+EOJKFYg80YvF7Zr6pF3l8MdVHXcsfypE7w1WfhVRAEMGSRFlc\nF0BFB9CyjNjgf309K9y1ggdE2jSCeIlD+XMwSqJCs3uQUY4jpoo42+J+8y/T8BFY\nan/MyIvGs+hexa8/AUM6av1E86pb4/YcB74AM2SEAogP/kJfy+nHQRZdhJBeomP4\nZR/JsVNxfhXAcMhUJy6KgLC/VLLjpuMF7QINk2lY3Hf29Vp7XpLxiAxHVXPVc2V/\nBBz4OB+MC5SeWRENgBPpgtrW6n9JtpJFo1DhnoIp67ABnkY+qexTlQcP6brX3gvu\n8+ulTWEfNUQSynCYHtRr/4sChSXZjV4oPzhL1oAelt4GNfBu7QPzCFuJJEvlmseJ\nuuQE1MMPbwY18MdG8Ua/kvod/GSdOxRv4K9Da/Yy0sBHdnjWjpDT3m6j27t1H7KK\nlKgvznYuYIL7Sf5lA1EtJ/5sO7HZsUP00BPZpv+6afQ/qMDovzkVt2imVOdUS4Va\ni+CRO31WD9ApdFlP1TVrnaJzk/USJ5PKQvs6aAbHXL6CkiOfb6J2GwKBFYypCNqp\nYTC4h3Y71UrXp8miwMQXXHUQGSvvB80udlJK7EYvEym9wA98mZry2VzYSiRIGVTr\nQ3HFoowXIOto2YDqtDkHY/tTDvwzfsLpogeFObqbDVm8PDLpMgGN75kveOgGmWcf\nCKHqPrm6Wb6stVXfgHIP10vI9n85vwU76xDpvT3XbK/EmQ7Gi+XISB2KGVq0RZ5C\nA5kZZU/WnUai/JiTC8JjaSNcVYNsU2+nMoYzM0CoLC4X0y7DDyCkzcNYEEywEnD4\non1UZhjWm625D3alp3G+IkF/1hXIJ3KvhjrENMwdtuCWyudcaWOm3qHPfjDHC/VX\nuUweEV6WIloC3fOm5v0afkBtlovKkBQN/1VcD6IasTE5oM5oletuE8rEMDjp/2pZ\nHUSKhVu6oCBln/ulJll88nRZbleeWcezzhlYOpsbr/+95EvkB6d4yutEsf1Mf07i\nR07E1JnKl+Dz0xfuBRspAHZOW5h9D7y8jaJLB/uOmslybNHgsuE8T/Oc/mU9qY8N\nNIn8gG+L6mR9dHlLPbI2Rw5d8Bv2FCQB1xOFichrWXqjB8X2MNZdTdN4WILm0mSA\nydiuJBCLZunxyn08gNX+nuwT+PltQBr09j7G7X6L5l3wViZTX7cflR0UTKQnBl5W\nJlGbmusOgqCXcU5NO2lh6bb4sKkPlxudNUKb8WhTdGJn8HjFAU9o/N8jehuhHvEW\n7Nigm4XV1dbrdrk8toxbyyT6N2grOSo3E34U5ZyCdwJfI2dABdtbybGxhIl/RvNC\nHCoY8GRw0syogM9vm2tnPoaacBoO0P0UjV1YLEDoIUavr/4UTCrdv3OYmBcYMSsR\njEvwxEbd7HojFqF20qQW8lrfdqcThHBiDgpsQJsODicOO7Kw247MxOSYUrdlQ3/I\nMkRLyGbNCxDFHTOqG8EJi60XsFsn57g41z3B4sju4wUH1hdld3BYVljNHGUk3iQ8\nLbIpXQPXHbFWZD7k133G5BIoG9gzswHjyh9jwelMYoSURxaS3MVVz9W4v4njQojS\n0GgztYh+r5/2QAufnzDXbnJpafpdVTAvCsOL+ztHteoedb3qWRvVbpHzrLeyeHDq\nmmaK3Ux3Q7VrKWKa7uUaM4nVx9OfnZf1pEVo53BPuhR4FOUy9G73vA==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-04iESq0zhEQS3bLpu' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-04iESq0zhEQS3bLpu', '--output', '/tmp/tmpqvlguljj.xml', '/tmp/tmpavt1085_.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpavt1085_.xml" output= ____________________ TestClientNonAsciiAva.test_response_5 _____________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=504cd7f3f61b66e98a5682b376cef27b1450409dead483bb5c2a96507da0815curn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==f6OmDJCMD4tUTdVxJU75RBy09ecZZm2dOzyjTDePHeb7C6JutZnRYD8Rczg64VI4\nIJYHdFwf6lwjjiiguNtdP/ty5+9sf37tCf+8xsnNGYbAfYgEmzjeOSdhNDpJnu+d\n5orsQz4Ih5lKguasaNwTS7jIDi5zDxeknwNt9PgQoos=MYLV40QTJt8+kMWsRO3a4u2PdpA//YGd3puUqb4N8PAmHHBtr3JG6pe7wxvXLk/S\nUf1nfU6nEOEWmx5nYe25465QTy9e1K0VmTlW6yog5J4bAJL10T1bmPpBwe052VzY\nebE8jzNqjNrRqaGqKv5nqXAO5H5XKQ5A6YIhgssj8s9jTOGs6+NKXW8UPTZYwMwH\ncJxTh4Soc1qE98CNrr0ccpRSwf4DwfGbg34N3kYkEZaBvJYGMYTkB2Axq3XKgkIH\nYhCt3kdtsOXSh2CyK3/VHjvCuLyUI3FDjVRWqfanKz4T/AMqrhe6r6SV9kd7hJtl\nfhK87CN6+FTjuuTquFDovBtj1qmMcgcEnn8crDd2Q8jl+lA4ykVicMtSnurLV0ok\n1G/J/5wR4u/y1Uzs9CTtkl1Lp1f1uhOF+5YGszzm9wDHQNrTToudZ6QHQLnSWFo3\ngvhQB57chK49vvYtsc7EHxB2GAFrzD2+mLnNxweNeeomLAcYjGuUQPrSihmwUD0b\nxffAuXVmLxy/rk9MDlnuBEI9pVnjHG336osDYgNxDbbd39i3Q1xhxiGvo0ut4Vvj\nWTkjKmbqNhI+55x8MwM+J5LVHXWD6N+RivVr0XFUheWn0ZsX9UBgwN2Yrc4GujSa\nzo8YiRKwZKoWJzJBQ5dJtFGeQmR1uZFtfmrii3LAOMSYIidmd87neoUiLDythwsK\nH0RSzm0P9LDR09R708qpH0LvUlx8yTsDWrrQ0UEcfcnvjzwVnTFAwihKnBvuNNxu\n4AlHKZQx69W+B2EHyOv/C1UPEmYnbnx98uGXnEgKbnK6LYQRDYtxDwOyV9oP0czz\nMCzZPNYeot8mEeZNPaKHXjdILPLmEZhlitBMGR7CloEsPtrzstzzzT7yA5TQX9L9\nAaVXwQRCpHPMK+2GCVpEGUPoe41DxDtUxqq4Nng3qoFvvdN+pYGTpPTYv0z+40G5\nays6aXveREaTlGDLTXjlcC5gNeB84QPciL4l56yTQUFuL475VOTGJw5/WwmS4ecJ\nnz7b6Vrk9n1Qungmz8iHqscy6YK2HzPkQz44tJ7hI5UNRCtVTycc20/9GOQWeMoa\nVgyavryR1+NB6fwzPRjjAGRHaqhN7KG5SUaBOUOfLT8yW09hjCYyUeqidTODWokA\n+7RjjMyxdFhzHeOullz9tSh8EmZhl4tijqQauo/eWPUeznfKSuHbGh5goYzIA9At\nsXlrZR2SPgUEQPsajRVvkuWUajZMIEO09cdGuDWbBjMTYsIHmoLpSkBVJIM+xrp4\n++HLY7ZMAKqDGYUZayVb1crn9TXm37+o6T4R1WPEmp5l4MGwTFQ6w4e97L2OmCkx\n4N1/U10NepCjr98VY2fZo+vvXMcQbTqX57NWjzbRBddKOGR1VMMwvYw1gUwbcydW\notBGzAiWIXfGF5Rja10BJFh8AZOpSIqSzJI9eQyUUofwCEIqH/V9+gAK4vkI2SRS\n5RXa9tOAtrFxCGslywI6g6ioFOV7uBAqmwCMe/Up9PoSnWzMGOvoZjCdV4HV0st8\nNB14pcWOsBVObHSK/FYNMtlS0B9J/9cqO2JpPzQSxKGyExk2WLWDnSaRbXpGm7Ij\nliWRAM2XG9ycRS0Al2Oyi388nsgtxEgdumpGWRjjKES5oRsP+707dZxVXdUpPqin\nZ9IaJrbDLSiCh6gWf1BdDWbk98mpbQXXYgznbDJjZEPBJ41eKLdUfsrZb1NnJMml\n67UBHkAYT1dxUj8JAKewtM6rCW+tTExQ/L1Nl6cLFGOaxt/xkq8EZwQyczpN8q2q\n83UCMdtWkX8tnMJd9VSqmfto4jyrNnRnUMIK6gMH/IW4p/5R4dDAjBdD/uE7zVLH\n62ZHd7d1g+hchT9KgCyb0GZu3ajLcontDx2gyCMRZUMjhP4sCtFXorwj7koSKG6U\ncMZSBJQ/fe/mDYNiK13ClPJWVXHHryI6v/Jv/8MfQoNcGmz9SGJMUF3YcFnWSkXV\nLy/axFwCLVMbN55ID9ateHPwuIwD+Se31ZCBlAdMY13I76Cpots+b/Bsy1YrF8lq\noMC1dyh+ilzHUvOdEbzAmVkmvEfBLVaBDXg1GhOs2yq44yZEWBWxADP/PvBW1BDm\nZtI2cbgikmVYk4wrMpXYz/i6TSkntE2D1zFs9rJrESAgKNOd6s5nJoTUYdbqU0o6\n5bvbSLwnSnqSLv3MJ7E6r5WnD0sCLLJglLXyvo76eXt8XbfXRpIAI9iSMgyYI1IW\noZgxIqF7xQ0iPhTS0XGYJdtjOrGXhGTIqvRNIJhxD8iOijyK5OhmfXC4Z2NGV6wG\nujYDivXAOa8afx0T4curBzWCEWgNztZ+uDQkBAhX71WS1mxNSynREnD9hKcqiI9N\nRKlI8L0VLtvUxIBscKIJz5Q+dTn+z5wHTq+uh/OdxCcFU1f5nSA/Jg==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-b0eKJeliVD7GHvq47' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpsy04edmg.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpsy04edmg.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_5(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_str, cert_key_str = generate_cert() cert = {"cert": cert_str, "key": cert_key_str} > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_assertion=cert_str, ) tests/test_51_client.py:2253: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=504cd7f3f61b66e98a5682b376cef27b1450409dead483bb5c2a96507da0815curn:mace:example.com:saml:roland:spMIICHzCCAYgCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV\nBAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF\nWnp6enoxDTALBgNVBAMMBHRlc3QwHhcNMTUwNjAyMDc0MzAxWhcNMjUwNTMwMDc0\nMzAxWjBYMQswCQYDVQQGEwJ6ejELMAkGA1UECAwCenoxDTALBgNVBAcMBHp6enox\nDjAMBgNVBAoMBVp6enp6MQ4wDAYDVQQLDAVaenp6ejENMAsGA1UEAwwEdGVzdDCB\nnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA41tJCTPuG2lirbztuGbBlzbzSipM\nEzM+zluWegUaoUjqtlgNHOTQqTJOqw/GdjkxRKJT6IxI3/HVcnfw7P4a4xSkL/ME\nIG3VyzedWEyLIHeofoQSTvr84ZdD0+Gk+zNCSqOQC7UuqpOLbMKK1tgZ8Mr7BkgI\np8H3lreLf29Sd5MCAwEAATANBgkqhkiG9w0BAQsFAAOBgQB0EXxy5+hsB7Rid7Gy\nCZrAObpaC4nbyPPW/vccFKmEkYtlygEPgky7D9AGsVSaTc/YxPZcanY+vKoRIsiR\n6ZitIUU5b+NnHcdj6289tUQ0iHj5jgVyv8wYHvPntTnqH2S7he0talLER8ITYToh\n2wz3u7waz/GypMeA/suhoEfxew==f6OmDJCMD4tUTdVxJU75RBy09ecZZm2dOzyjTDePHeb7C6JutZnRYD8Rczg64VI4\nIJYHdFwf6lwjjiiguNtdP/ty5+9sf37tCf+8xsnNGYbAfYgEmzjeOSdhNDpJnu+d\n5orsQz4Ih5lKguasaNwTS7jIDi5zDxeknwNt9PgQoos=MYLV40QTJt8+kMWsRO3a4u2PdpA//YGd3puUqb4N8PAmHHBtr3JG6pe7wxvXLk/S\nUf1nfU6nEOEWmx5nYe25465QTy9e1K0VmTlW6yog5J4bAJL10T1bmPpBwe052VzY\nebE8jzNqjNrRqaGqKv5nqXAO5H5XKQ5A6YIhgssj8s9jTOGs6+NKXW8UPTZYwMwH\ncJxTh4Soc1qE98CNrr0ccpRSwf4DwfGbg34N3kYkEZaBvJYGMYTkB2Axq3XKgkIH\nYhCt3kdtsOXSh2CyK3/VHjvCuLyUI3FDjVRWqfanKz4T/AMqrhe6r6SV9kd7hJtl\nfhK87CN6+FTjuuTquFDovBtj1qmMcgcEnn8crDd2Q8jl+lA4ykVicMtSnurLV0ok\n1G/J/5wR4u/y1Uzs9CTtkl1Lp1f1uhOF+5YGszzm9wDHQNrTToudZ6QHQLnSWFo3\ngvhQB57chK49vvYtsc7EHxB2GAFrzD2+mLnNxweNeeomLAcYjGuUQPrSihmwUD0b\nxffAuXVmLxy/rk9MDlnuBEI9pVnjHG336osDYgNxDbbd39i3Q1xhxiGvo0ut4Vvj\nWTkjKmbqNhI+55x8MwM+J5LVHXWD6N+RivVr0XFUheWn0ZsX9UBgwN2Yrc4GujSa\nzo8YiRKwZKoWJzJBQ5dJtFGeQmR1uZFtfmrii3LAOMSYIidmd87neoUiLDythwsK\nH0RSzm0P9LDR09R708qpH0LvUlx8yTsDWrrQ0UEcfcnvjzwVnTFAwihKnBvuNNxu\n4AlHKZQx69W+B2EHyOv/C1UPEmYnbnx98uGXnEgKbnK6LYQRDYtxDwOyV9oP0czz\nMCzZPNYeot8mEeZNPaKHXjdILPLmEZhlitBMGR7CloEsPtrzstzzzT7yA5TQX9L9\nAaVXwQRCpHPMK+2GCVpEGUPoe41DxDtUxqq4Nng3qoFvvdN+pYGTpPTYv0z+40G5\nays6aXveREaTlGDLTXjlcC5gNeB84QPciL4l56yTQUFuL475VOTGJw5/WwmS4ecJ\nnz7b6Vrk9n1Qungmz8iHqscy6YK2HzPkQz44tJ7hI5UNRCtVTycc20/9GOQWeMoa\nVgyavryR1+NB6fwzPRjjAGRHaqhN7KG5SUaBOUOfLT8yW09hjCYyUeqidTODWokA\n+7RjjMyxdFhzHeOullz9tSh8EmZhl4tijqQauo/eWPUeznfKSuHbGh5goYzIA9At\nsXlrZR2SPgUEQPsajRVvkuWUajZMIEO09cdGuDWbBjMTYsIHmoLpSkBVJIM+xrp4\n++HLY7ZMAKqDGYUZayVb1crn9TXm37+o6T4R1WPEmp5l4MGwTFQ6w4e97L2OmCkx\n4N1/U10NepCjr98VY2fZo+vvXMcQbTqX57NWjzbRBddKOGR1VMMwvYw1gUwbcydW\notBGzAiWIXfGF5Rja10BJFh8AZOpSIqSzJI9eQyUUofwCEIqH/V9+gAK4vkI2SRS\n5RXa9tOAtrFxCGslywI6g6ioFOV7uBAqmwCMe/Up9PoSnWzMGOvoZjCdV4HV0st8\nNB14pcWOsBVObHSK/FYNMtlS0B9J/9cqO2JpPzQSxKGyExk2WLWDnSaRbXpGm7Ij\nliWRAM2XG9ycRS0Al2Oyi388nsgtxEgdumpGWRjjKES5oRsP+707dZxVXdUpPqin\nZ9IaJrbDLSiCh6gWf1BdDWbk98mpbQXXYgznbDJjZEPBJ41eKLdUfsrZb1NnJMml\n67UBHkAYT1dxUj8JAKewtM6rCW+tTExQ/L1Nl6cLFGOaxt/xkq8EZwQyczpN8q2q\n83UCMdtWkX8tnMJd9VSqmfto4jyrNnRnUMIK6gMH/IW4p/5R4dDAjBdD/uE7zVLH\n62ZHd7d1g+hchT9KgCyb0GZu3ajLcontDx2gyCMRZUMjhP4sCtFXorwj7koSKG6U\ncMZSBJQ/fe/mDYNiK13ClPJWVXHHryI6v/Jv/8MfQoNcGmz9SGJMUF3YcFnWSkXV\nLy/axFwCLVMbN55ID9ateHPwuIwD+Se31ZCBlAdMY13I76Cpots+b/Bsy1YrF8lq\noMC1dyh+ilzHUvOdEbzAmVkmvEfBLVaBDXg1GhOs2yq44yZEWBWxADP/PvBW1BDm\nZtI2cbgikmVYk4wrMpXYz/i6TSkntE2D1zFs9rJrESAgKNOd6s5nJoTUYdbqU0o6\n5bvbSLwnSnqSLv3MJ7E6r5WnD0sCLLJglLXyvo76eXt8XbfXRpIAI9iSMgyYI1IW\noZgxIqF7xQ0iPhTS0XGYJdtjOrGXhGTIqvRNIJhxD8iOijyK5OhmfXC4Z2NGV6wG\nujYDivXAOa8afx0T4curBzWCEWgNztZ+uDQkBAhX71WS1mxNSynREnD9hKcqiI9N\nRKlI8L0VLtvUxIBscKIJz5Q+dTn+z5wHTq+uh/OdxCcFU1f5nSA/Jg==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-b0eKJeliVD7GHvq47' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-b0eKJeliVD7GHvq47', '--output', '/tmp/tmprrfnggc_.xml', '/tmp/tmpsy04edmg.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpsy04edmg.xml" output= ____________________ TestClientNonAsciiAva.test_response_6 _____________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=c3be864735f5f50b8fbb4492d2718385eba9da4b188016f8a64bb610d96df220urn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NjAzWhcNMzQxMTEyMDk0NjAzWjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAuOOoNxo0nDA50lqp3//ZvaW7IIiwGv8z5i2pdX5DkG7DtWELG39revAl\nT+1ClACbQqWanWzXU01mQdwOXXA4UmwhxsmKovh/7TPGFvppr4ixprcCKsHsgv3d\nOzN06j+TSvq2INc9y+lio44zsNapI0z+BZ5dJeHGo9FTR5yjyD04qV6Nt4uuGNpa\nxWCBPEzBxKLJw5x/3c6tZ0lC3iU2UZQulGnHjsPNMPqgH6iweTuJguvKXCnHNNlX\nA9B5Zfja/vKa37hU48oM/H/kekSqb1JcF0KV3yh7+li8R0RdzCEuL+43ehI9IqpB\nD2+8DPN0/KvkmxG6kzJdiTAvpksyXwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAHjn\nJx5LFTQEaUyqNNlF05Pz0KdDKbxCscOfTmB0EecvdIMM7WMh9zuiLP6vvQg/DkAJ\nwLzn6T49MF2Zv4saPfG//KzYrph4R4/x3ZsfCFcvcK6GlzJpP7sDnym5ESA3hXJ/\n4o17mCVYHXfBxBIBMJXxjIjQHFjp9YHKp+uugJ9fe4KPE64z3XwRSvccZ+XOfYDIjUlo4VGYl05V7y1bEplsGqyD/V3Ghx0sEjnM5wgn\nEpszTW7rLFzNRYX6+NmUZF2rD6TCYJvoqwdaAv/gcOWmiXtOkxqnDkKH9qp81cqu\nNTd7zJoOJ32bKHcX7KPVvzY/ymG0m3KaCT16if1v/BYYKGRKrDcZIy8mOROfL1/A\nITvidT6uU24hy3deA5Q3yPUM8kS6M9gC+qhwpnGRsE17M0W6zxDlWyZlTuHg+6AR\nA7GMPjrp9e17KXBpOxjB2kQ9jX+wyV6ptEKUMiElFUOZ5aDyyIR+A5NkVLEnR3qC\nsVx4nGfgvXs/N5Dzlud1DQ==XyCL0dxgFNqStR7ekGQ/ZMpW+OsPU/8HulYcpOIlu2Xpkijs9NcXDRaaa6WH+o0p\nGE7is6miIkI8hHWZtQFklmAoin6UNq2PGyfTHjSHpVSZxKHujR3pRSu9Mm4haIg6\n5MyVwLCuJ6DLls043IijPtUpejK4inTBGFMsvsqt7LxaAIpf1XXdERhDz7qZs04f\nC5CjwwydZsRVjb6KehhTC1/MJfw7Ey9cTC/WzVZ83oWo4evw0ZKQvegiUFvxQC58\nCckkvbjyQ2/RrD0Gdmthf2vvDMKhivxAp4XTp+BI8bL8wyp7g1THps8x8B7g4Smd\nCmfiF/J9S1X3kRv5I39/PCFoByCdUz7iStz+ul/w4mifkRpMok1Oh1gWy9jeHjBG\nYJMDwPP7ZA3A3W3TDiI8LPAJVf4OLBGxERYcujmUfF+MlaAzT3czn3u6w1UM7mWP\n0drd+33DzuIlhYvvGr3dhyxaGLS4dAP75MaFuTk+7NOWaHMfylxQaOYC5oXiXhGY\nNIgQ0cU7HShhZHGffHpIF+0ejyvLX7u//TrJQ7sWwxS/UOQUMCYDcrXu8rUPiUEX\nR7TJRftumrUR3QV6VNeXcn2rQIpiZr4EPFsojFp+X/OgLBpjmQ7dE+ixWbo0NJsl\ny4R8egbYAJ8sncMbuQ7TAo/IyM2PhiAuPjoJ+rIQ21Z+gFD6Myf1n992CdXOIdyZ\n793/oXO5EVSTbV3bR3EZpbu51HJxegtLPdNNXwaKVh+zuxL5WjkAKda54eV3HnIL\nNM3DGeAbjKiun3FYQbYlHdA1uy7vmC67wyaM1Ko8sXWv3HVe/fPHT57k3n0r0KXd\nT0atHRK0ToJ9Z6IHGsB+qdvMSz1sOfUyT814t5QTng/P+B9aijXVZLzUE5HLf1l2\noXDa9qgMTNknDT1J2O98W2SEfzxWtjbtgQMRrPiJ/IZt+jKXhzs4eQTfDuvPJKGW\nrQrDyQTlU9ZWf9nLwXN4zlQ+r1THJhkpJv9NzI+venvg1pIOVtkt8xLWM6UntcNq\nLoc5rGzZ8icpQRXddDVql9SzEsSUArq9ETNAqf8p7IWTuT2h6F7zv797QudKAJLN\n8J9To+K6SsvjxQN6KbVdPmTxsTOHdEZuKvdibXVWvAj+515DxDfyaXtOXOxbrd9t\nZgLCxVx4FOMwi3iuo/i8zZkfnJNyDfF4MPFhSLtQZeANPEvvgBg7w21rWEBz4+FC\naKu+fDOcSGvhvbWANYNSyZP3urccX95VnF4tC4aUT9gOqroAnZMuYzutkXyta63I\n+wtVXjjqjvRiT7b+xnFFQUutLYZ/dOFYatNz5y4AajG9vJ6sJgsgVUJbKbSpg8M7\nahd1H5hledhJdEc7wuUGwdUVk+aTnLp+tjeMoS+lWzZqXJ+VMT6oyNlgBcIznRv5\n2UBtKp/BnOutLpFKE475Tk/4ZmLldTvsFKg93msZGZLYelue7F0GfygN0S9t4La8\namsZLGKfvNOYQmaw+ju5GMUN5gXtQjRqJ/zojtqfdx+F+RtEKTFP03EqQULaDwR0\n/ovwjpbEG59yqLUJ1MXmIiFvO1BRFtRCnh92Zv8Tej3u+nQvykDbFbFEymhEwqNA\ngtesxkAxCQmkWF18i97hMmWobyojTDAocGJoId5w7BFDCDJvIiJzhovIefiQq38l\nxCsC1jA9mcRMV9wB9bgmpB+IK0EKS/ligfjsqIPSoGTJa2WJKPuGDQXvKbXr7Qb5\nN/97i1wHxv1tFtD+NxJTqlIQQ1T8B2EZOW9DIuW3IySJ4jwGmYhoNRXv71uNn/+j\np/qn/KFib9SKz0tbufLfGU2TNuMyh7oBaJYxJ+7BKS3ZPMQhd4oVrsb8xpwkDbiG\n6y/Ol5QU7U7nQEk49YitZdEVcnz8OTZi+KLwRkBrGtrVRCUnJyhVvddjCKnfUBYZ\nrXg/EHMlxufKyydv5Vmw78qrboprdWQ+XDqHHTfKH8uUYmj9xMd0IP/kCyzHdrSv\nm/WE2yvYwCRNoYkm6E5V9hVRnqsqd+yE7bHw3XHIdd499l/oTr8z6dgGxre5SwlL\nq7FnkP575/QSc60Knz7/jO+acuO/0CwfpZK/FcWY52zDdByRD6xnVjOb1Sg/wJPL\n6sDmWLrBQ/+79TVKKaXAeDG5ubZfJIekTv3XaYbr20iVVsJhEdbcrRq3gSHAgo5x\naagc58u+xj9j4j2brMjc716rzSjkA4dWFt6tJ9uo//f5BXgWVNTynKCT/vqcSPPB\nQVx81hxg71JeXd4Ueei0b8XVG87hMmuJaaJiNKJ6cLQmeDV+wNQNAbVXqzM/Qywd\nPlkk0Ll6t2JoIOFOISN0FLP3lT7tHshmpkoONbo+IOfxZpb21q3lCVmet8hE8Lar\ndZqgBcMWjqsDjOhVyPx1wJxFTHU3nRGuto5ircu7NhUdauHuYuNe0g==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-xOkw62bp0Uj14hQFq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpp0_si__9.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpp0_si__9.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_6(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_assertion_str, cert_key_assertion_str = generate_cert() cert_assertion = {"cert": cert_assertion_str, "key": cert_key_assertion_str} cert_advice_str, cert_key_advice_str = generate_cert() cert_advice = {"cert": cert_advice_str, "key": cert_key_advice_str} > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_assertion=cert_assertion_str, encrypt_cert_advice=cert_advice_str, ) tests/test_51_client.py:2296: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=c3be864735f5f50b8fbb4492d2718385eba9da4b188016f8a64bb610d96df220urn:mace:example.com:saml:roland:spMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMTE0MDk0NjAzWhcNMzQxMTEyMDk0NjAzWjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAuOOoNxo0nDA50lqp3//ZvaW7IIiwGv8z5i2pdX5DkG7DtWELG39revAl\nT+1ClACbQqWanWzXU01mQdwOXXA4UmwhxsmKovh/7TPGFvppr4ixprcCKsHsgv3d\nOzN06j+TSvq2INc9y+lio44zsNapI0z+BZ5dJeHGo9FTR5yjyD04qV6Nt4uuGNpa\nxWCBPEzBxKLJw5x/3c6tZ0lC3iU2UZQulGnHjsPNMPqgH6iweTuJguvKXCnHNNlX\nA9B5Zfja/vKa37hU48oM/H/kekSqb1JcF0KV3yh7+li8R0RdzCEuL+43ehI9IqpB\nD2+8DPN0/KvkmxG6kzJdiTAvpksyXwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAHjn\nJx5LFTQEaUyqNNlF05Pz0KdDKbxCscOfTmB0EecvdIMM7WMh9zuiLP6vvQg/DkAJ\nwLzn6T49MF2Zv4saPfG//KzYrph4R4/x3ZsfCFcvcK6GlzJpP7sDnym5ESA3hXJ/\n4o17mCVYHXfBxBIBMJXxjIjQHFjp9YHKp+uugJ9fe4KPE64z3XwRSvccZ+XOfYDIjUlo4VGYl05V7y1bEplsGqyD/V3Ghx0sEjnM5wgn\nEpszTW7rLFzNRYX6+NmUZF2rD6TCYJvoqwdaAv/gcOWmiXtOkxqnDkKH9qp81cqu\nNTd7zJoOJ32bKHcX7KPVvzY/ymG0m3KaCT16if1v/BYYKGRKrDcZIy8mOROfL1/A\nITvidT6uU24hy3deA5Q3yPUM8kS6M9gC+qhwpnGRsE17M0W6zxDlWyZlTuHg+6AR\nA7GMPjrp9e17KXBpOxjB2kQ9jX+wyV6ptEKUMiElFUOZ5aDyyIR+A5NkVLEnR3qC\nsVx4nGfgvXs/N5Dzlud1DQ==XyCL0dxgFNqStR7ekGQ/ZMpW+OsPU/8HulYcpOIlu2Xpkijs9NcXDRaaa6WH+o0p\nGE7is6miIkI8hHWZtQFklmAoin6UNq2PGyfTHjSHpVSZxKHujR3pRSu9Mm4haIg6\n5MyVwLCuJ6DLls043IijPtUpejK4inTBGFMsvsqt7LxaAIpf1XXdERhDz7qZs04f\nC5CjwwydZsRVjb6KehhTC1/MJfw7Ey9cTC/WzVZ83oWo4evw0ZKQvegiUFvxQC58\nCckkvbjyQ2/RrD0Gdmthf2vvDMKhivxAp4XTp+BI8bL8wyp7g1THps8x8B7g4Smd\nCmfiF/J9S1X3kRv5I39/PCFoByCdUz7iStz+ul/w4mifkRpMok1Oh1gWy9jeHjBG\nYJMDwPP7ZA3A3W3TDiI8LPAJVf4OLBGxERYcujmUfF+MlaAzT3czn3u6w1UM7mWP\n0drd+33DzuIlhYvvGr3dhyxaGLS4dAP75MaFuTk+7NOWaHMfylxQaOYC5oXiXhGY\nNIgQ0cU7HShhZHGffHpIF+0ejyvLX7u//TrJQ7sWwxS/UOQUMCYDcrXu8rUPiUEX\nR7TJRftumrUR3QV6VNeXcn2rQIpiZr4EPFsojFp+X/OgLBpjmQ7dE+ixWbo0NJsl\ny4R8egbYAJ8sncMbuQ7TAo/IyM2PhiAuPjoJ+rIQ21Z+gFD6Myf1n992CdXOIdyZ\n793/oXO5EVSTbV3bR3EZpbu51HJxegtLPdNNXwaKVh+zuxL5WjkAKda54eV3HnIL\nNM3DGeAbjKiun3FYQbYlHdA1uy7vmC67wyaM1Ko8sXWv3HVe/fPHT57k3n0r0KXd\nT0atHRK0ToJ9Z6IHGsB+qdvMSz1sOfUyT814t5QTng/P+B9aijXVZLzUE5HLf1l2\noXDa9qgMTNknDT1J2O98W2SEfzxWtjbtgQMRrPiJ/IZt+jKXhzs4eQTfDuvPJKGW\nrQrDyQTlU9ZWf9nLwXN4zlQ+r1THJhkpJv9NzI+venvg1pIOVtkt8xLWM6UntcNq\nLoc5rGzZ8icpQRXddDVql9SzEsSUArq9ETNAqf8p7IWTuT2h6F7zv797QudKAJLN\n8J9To+K6SsvjxQN6KbVdPmTxsTOHdEZuKvdibXVWvAj+515DxDfyaXtOXOxbrd9t\nZgLCxVx4FOMwi3iuo/i8zZkfnJNyDfF4MPFhSLtQZeANPEvvgBg7w21rWEBz4+FC\naKu+fDOcSGvhvbWANYNSyZP3urccX95VnF4tC4aUT9gOqroAnZMuYzutkXyta63I\n+wtVXjjqjvRiT7b+xnFFQUutLYZ/dOFYatNz5y4AajG9vJ6sJgsgVUJbKbSpg8M7\nahd1H5hledhJdEc7wuUGwdUVk+aTnLp+tjeMoS+lWzZqXJ+VMT6oyNlgBcIznRv5\n2UBtKp/BnOutLpFKE475Tk/4ZmLldTvsFKg93msZGZLYelue7F0GfygN0S9t4La8\namsZLGKfvNOYQmaw+ju5GMUN5gXtQjRqJ/zojtqfdx+F+RtEKTFP03EqQULaDwR0\n/ovwjpbEG59yqLUJ1MXmIiFvO1BRFtRCnh92Zv8Tej3u+nQvykDbFbFEymhEwqNA\ngtesxkAxCQmkWF18i97hMmWobyojTDAocGJoId5w7BFDCDJvIiJzhovIefiQq38l\nxCsC1jA9mcRMV9wB9bgmpB+IK0EKS/ligfjsqIPSoGTJa2WJKPuGDQXvKbXr7Qb5\nN/97i1wHxv1tFtD+NxJTqlIQQ1T8B2EZOW9DIuW3IySJ4jwGmYhoNRXv71uNn/+j\np/qn/KFib9SKz0tbufLfGU2TNuMyh7oBaJYxJ+7BKS3ZPMQhd4oVrsb8xpwkDbiG\n6y/Ol5QU7U7nQEk49YitZdEVcnz8OTZi+KLwRkBrGtrVRCUnJyhVvddjCKnfUBYZ\nrXg/EHMlxufKyydv5Vmw78qrboprdWQ+XDqHHTfKH8uUYmj9xMd0IP/kCyzHdrSv\nm/WE2yvYwCRNoYkm6E5V9hVRnqsqd+yE7bHw3XHIdd499l/oTr8z6dgGxre5SwlL\nq7FnkP575/QSc60Knz7/jO+acuO/0CwfpZK/FcWY52zDdByRD6xnVjOb1Sg/wJPL\n6sDmWLrBQ/+79TVKKaXAeDG5ubZfJIekTv3XaYbr20iVVsJhEdbcrRq3gSHAgo5x\naagc58u+xj9j4j2brMjc716rzSjkA4dWFt6tJ9uo//f5BXgWVNTynKCT/vqcSPPB\nQVx81hxg71JeXd4Ueei0b8XVG87hMmuJaaJiNKJ6cLQmeDV+wNQNAbVXqzM/Qywd\nPlkk0Ll6t2JoIOFOISN0FLP3lT7tHshmpkoONbo+IOfxZpb21q3lCVmet8hE8Lar\ndZqgBcMWjqsDjOhVyPx1wJxFTHU3nRGuto5ircu7NhUdauHuYuNe0g==urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/login' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-xOkw62bp0Uj14hQFq' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-xOkw62bp0Uj14hQFq', '--output', '/tmp/tmpoj2vgevv.xml', '/tmp/tmpp0_si__9.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpp0_si__9.xml" output= ____________________ TestClientNonAsciiAva.test_response_7 _____________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=7c2734e36bea0750e9f3b7811b15d5228f598fe1c2f58570b4c6ac9a05d9af0eurn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDaveConcepciónDave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-cXuMDNVeNCqRg4f8K' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpnhhvthtg.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpnhhvthtg.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_7(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, encrypted_advice_attributes=True, ) tests/test_51_client.py:2335: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=7c2734e36bea0750e9f3b7811b15d5228f598fe1c2f58570b4c6ac9a05d9af0eurn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDaveConcepciónDave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-cXuMDNVeNCqRg4f8K' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-cXuMDNVeNCqRg4f8K', '--output', '/tmp/tmp38zk_3oj.xml', '/tmp/tmpnhhvthtg.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpnhhvthtg.xml" output= ____________________ TestClientNonAsciiAva.test_response_8 _____________________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=23a3f5082a8b8d8810387ecdb27f4f0fabe972778fdee468f663a20aa51fcbc6urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDaveConcepciónDave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-xJnsL1xiLFMgLhJwg' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp17u6twqb.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp17u6twqb.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_response_8(self): conf = config.SPConfig() conf.load_file("server_conf") _client = Saml2Client(conf) idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_str, cert_key_str = generate_cert() cert = {"cert": cert_str, "key": cert_key_str} > resp = self.server.create_authn_response( identity=ava, in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, sign_response=True, sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, encrypt_cert_assertion=cert_str, ) tests/test_51_client.py:2373: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:900: in _response response = signed_instance_factory(response, self.sec, to_sign_assertion) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=23a3f5082a8b8d8810387ecdb27f4f0fabe972778fdee468f663a20aa51fcbc6urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDaveConcepciónDave@cnr.mlb.com#13' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-xJnsL1xiLFMgLhJwg' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-xJnsL1xiLFMgLhJwg', '--output', '/tmp/tmpedplml10.xml', '/tmp/tmp17u6twqb.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp17u6twqb.xml" output= ____________ TestClientNonAsciiAva.test_sign_then_encrypt_assertion ____________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=_aaaJeterDerek' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-NRYXEKaUUgc1akr7J' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpx1xattoj.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpx1xattoj.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_then_encrypt_assertion(self): # Begin with the IdPs side _sec = self.server.sec assertion = s_utils.assertion_factory( subject=factory(saml.Subject, text="_aaa", name_id=factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT)), attribute_statement=do_attribute_statement( { ("", "", "sn"): ("Jeter", ""), ("", "", "givenName"): ("Derek", ""), } ), issuer=self.server._issuer(), ) assertion.signature = sigver.pre_signature_part(assertion.id, _sec.my_cert, 1) > sigass = _sec.sign_statement( assertion, class_name(assertion), key_file=full_path("test.key"), node_id=assertion.id ) tests/test_51_client.py:2557: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=_aaaJeterDerek' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-NRYXEKaUUgc1akr7J' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-NRYXEKaUUgc1akr7J', '--output', '/tmp/tmpj87r93fn.xml', '/tmp/tmpx1xattoj.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpx1xattoj.xml" output= ___________ TestClientNonAsciiAva.test_sign_then_encrypt_assertion2 ____________ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDaveConcepción' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-RCUpRmyfGpEmwYm9r' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmprn6unsuy.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmprn6unsuy.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_then_encrypt_assertion2(self): # Begin with the IdPs side _sec = self.server.sec nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) asser = Assertion({"givenName": "Dave", "sn": "Concepción"}) farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "_012345"], ) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], ) assertion = asser.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), name_id=factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", farg=farg["assertion"], ) assertion.signature = sigver.pre_signature_part(assertion.id, _sec.my_cert, 1) > sigass = _sec.sign_statement( assertion, class_name(assertion), key_file=self.client.sec.key_file, node_id=assertion.id ) tests/test_51_client.py:2628: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDaveConcepción' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-RCUpRmyfGpEmwYm9r' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-RCUpRmyfGpEmwYm9r', '--output', '/tmp/tmpag_ch7qq.xml', '/tmp/tmprn6unsuy.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmprn6unsuy.xml" output= _______ TestClientNonAsciiAva.test_sign_then_encrypt_assertion_advice_1 ________ self = statement = 'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:spurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/logintest01test.testsson@test.seurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDaveConcepción' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-TLcBsjm87DuO7iTPy' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpucx0bxu9.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpucx0bxu9.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_then_encrypt_assertion_advice_1(self): # Begin with the IdPs side _sec = self.server.sec nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) asser = Assertion({"givenName": "Dave", "sn": "Concepción"}) subject_confirmation_specs = { "recipient": "http://lingon.catalogix.se:8087/", "in_response_to": "_012345", "subject_confirmation_method": saml.SCM_BEARER, } name_id = factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT) farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "_012345"], ) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], ) assertion = asser.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), name_id=name_id, authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", farg=farg["assertion"], ) a_asser = Assertion({"uid": "test01", "email": "test.testsson@test.se"}) a_assertion = a_asser.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_assertion.signature = sigver.pre_signature_part(a_assertion.id, _sec.my_cert, 1) assertion.advice = Advice() assertion.advice.encrypted_assertion = [] assertion.advice.encrypted_assertion.append(EncryptedAssertion()) assertion.advice.encrypted_assertion[0].add_extension_element(a_assertion) response = response_factory( in_response_to="_012345", destination="http://lingon.catalogix.se:8087/", status=s_utils.success_status_factory(), issuer=self.server._issuer(), ) response.assertion.append(assertion) > response = _sec.sign_statement( f"{response}", class_name(a_assertion), key_file=self.client.sec.key_file, node_id=a_assertion.id ) tests/test_51_client.py:2730: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:spurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/logintest01test.testsson@test.seurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDaveConcepción' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-TLcBsjm87DuO7iTPy' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-TLcBsjm87DuO7iTPy', '--output', '/tmp/tmpza8ndkou.xml', '/tmp/tmpucx0bxu9.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpucx0bxu9.xml" output= _______ TestClientNonAsciiAva.test_sign_then_encrypt_assertion_advice_2 ________ self = statement = 'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/logintest01urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDave' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-Ykgbup5i9gfwg8Zw3' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpi0ogytg3.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpi0ogytg3.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_sign_then_encrypt_assertion_advice_2(self): # Begin with the IdPs side _sec = self.server.sec asser_1 = Assertion({"givenName": "Dave"}) farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "_012345"], ) add_path( farg["assertion"]["subject"]["subject_confirmation"], ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], ) name_id = factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT) assertion_1 = asser_1.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) asser_2 = Assertion({"sn": "Concepción"}) assertion_2 = asser_2.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_asser_1 = Assertion({"uid": "test01"}) a_assertion_1 = a_asser_1.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_asser_2 = Assertion({"email": "test.testsson@test.se"}) a_assertion_2 = a_asser_2.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_asser_3 = Assertion({"street": "street"}) a_assertion_3 = a_asser_3.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_asser_4 = Assertion({"title": "title"}) a_assertion_4 = a_asser_4.construct( self.client.config.entityid, self.server.config.attribute_converters, self.server.config.getattr("policy", "idp"), issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, farg=farg["assertion"], ) a_assertion_1.signature = sigver.pre_signature_part(a_assertion_1.id, _sec.my_cert, 1) a_assertion_2.signature = sigver.pre_signature_part(a_assertion_2.id, _sec.my_cert, 1) a_assertion_3.signature = sigver.pre_signature_part(a_assertion_3.id, _sec.my_cert, 1) a_assertion_4.signature = sigver.pre_signature_part(a_assertion_4.id, _sec.my_cert, 1) assertion_1.signature = sigver.pre_signature_part(assertion_1.id, _sec.my_cert, 1) assertion_2.signature = sigver.pre_signature_part(assertion_2.id, _sec.my_cert, 1) response = response_factory( in_response_to="_012345", destination="http://lingon.catalogix.se:8087/", status=s_utils.success_status_factory(), issuer=self.server._issuer(), ) response.assertion = assertion_1 response.assertion.advice = Advice() response.assertion.advice.encrypted_assertion = [] response.assertion.advice.encrypted_assertion.append(EncryptedAssertion()) response.assertion.advice.encrypted_assertion[0].add_extension_element(a_assertion_1) advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = a_assertion_1._to_element_tree().tag response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( assertion_tag, advice_tag ) > response = _sec.sign_statement( f"{response}", class_name(a_assertion_1), key_file=self.server.sec.key_file, node_id=a_assertion_1.id ) tests/test_51_client.py:2890: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = 'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:spurn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/logintest01urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPasswordhttp://www.example.com/loginDave' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-Ykgbup5i9gfwg8Zw3' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-Ykgbup5i9gfwg8Zw3', '--output', '/tmp/tmptsso23du.xml', '/tmp/tmpi0ogytg3.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpi0ogytg3.xml" output= _____________ TestClientNonAsciiAva.test_do_logout_signed_redirect _____________ self = def test_do_logout_signed_redirect(self): conf = config.SPConfig() conf.load_file("sp_slo_redirect_conf") client = Saml2Client(conf) # information about the user from an IdP session_info = { "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), "ava": {"givenName": "Anders", "sn": "Österberg", "mail": "anders.osterberg@example.com"}, } client.users.add_information_about_person(session_info) entity_ids = client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] > resp = client.do_logout( nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_REDIRECT ) tests/test_51_client.py:3066: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/client.py:333: in do_logout http_info = self.apply_binding( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:286: in apply_binding info = http_redirect_message( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/pack.py:182: in http_redirect_message args["Signature"] = base64.b64encode(signer.sign(string_enc)) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:521: in sign return saml2.cryptography.asymmetric.key_sign(key or self.key, msg, self.digest) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rsakey = message = b'SAMLRequest=nVJLa8JAEP4ry941D6PYwQQs0jZglbbiobclGevC7o7dmYDtry9JPZQWPPQ0MHzPYRaBU1jTG3XyjO8dsqizd4EhcFrqLgYgw5YhGI8M0sDL8nEN%2BTiFUyShhpy%2BENh4d51hmDGKpaBVvSq1bUdd8WBW97e4DjipJ5%2B7vVZ7jGwplDofp1rVzB3WgcUEKXWe5sUoy0ZZsUtvoJhBWrxqtUIWG4wMrKPICZLEUWPckVhgns7nCTvS6hkN95CdjdhqtSHZhm1cHgTjb%2BlpNkhXi74UDCGiuqPojVyv2G9sOzoMUMAgVj501TO8aRDwbPzJ4bghP9wLIjkTWuDTIvlhdfHdGI%2F1SvXjqTPOHmyf9ECk%2F5FFoglsMYiusnxSTGcXx2%2BTapH8eYTqCw%3D%3D&RelayState=id-u4HaDGBeLne3I3zTV%7C1731577564%7C0c56019bb6c0a0164a5274ef5e260a55ed77fe23&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1' digest = def key_sign(rsakey, message, digest): """Sign the given message with the RSA key.""" padding = _asymmetric.padding.PKCS1v15() > signature = rsakey.sign(message, padding, digest) E cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by this backend for RSA signing. ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/asymmetric.py:17: UnsupportedAlgorithm __________________ TestClientNonAsciiAva.test_do_logout_post ___________________ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=123456_foo' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-99fCjzC9fFaBvE9yD' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', ...] extra_args = ['/tmp/tmphnks4gsx.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmphnks4gsx.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_do_logout_post(self): # information about the user from an IdP session_info = { "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), "ava": {"givenName": "Anders", "sn": "Österberg", "mail": "anders.osterberg@example.com"}, "session_index": SessionIndex("_foo"), } self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] > resp = self.client.do_logout( nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_POST ) tests/test_51_client.py:3102: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/client.py:321: in do_logout req_id, request = self.create_logout_request( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:1147: in create_logout_request return self._message( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:588: in _message signed_req = self.sign( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=123456_foo' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-99fCjzC9fFaBvE9yD' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', '--node-id', 'id-99fCjzC9fFaBvE9yD', '--output', '/tmp/tmp6s9gkub9.xml', '/tmp/tmphnks4gsx.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmphnks4gsx.xml" output= _____________ TestClientNonAsciiAva.test_do_logout_session_expired _____________ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=123456_foo' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-OsARhoSihF6W4Ki23' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', ...] extra_args = ['/tmp/tmp2j283l6f.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp2j283l6f.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_do_logout_session_expired(self): # information about the user from an IdP session_info = { "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": a_while_ago(minutes=15), "ava": {"givenName": "Anders", "sn": "Österberg", "mail": "anders.osterberg@example.com"}, "session_index": SessionIndex("_foo"), } self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] > resp = self.client.do_logout( nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_POST ) tests/test_51_client.py:3127: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/client.py:321: in do_logout req_id, request = self.create_logout_request( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:1147: in create_logout_request return self._message( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:588: in _message signed_req = self.sign( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:spMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=123456_foo' node_name = 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-OsARhoSihF6W4Ki23' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', '--node-id', 'id-OsARhoSihF6W4Ki23', '--output', '/tmp/tmpwz2wwcca.xml', '/tmp/tmp2j283l6f.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp2j283l6f.xml" output= ___________________ TestSignedResponse.test_signed_response ____________________ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4dca584cc8652d84b4a5bc1489d74c53f0d2b2f71ae4d2f32876152ec29fe04aurn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-ite2IfM2OFZGGUiBb' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmpqr1ycnu1.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmpqr1ycnu1.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signed_response(self): print(ds.DefaultSignature().get_digest_alg()) name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": "The man"} > signed_resp = self.server.create_authn_response( ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, sign_assertion=True, ) tests/test_52_default_sign_alg.py:70: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:760: in _response return signed_instance_factory(response, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpurn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=4dca584cc8652d84b4a5bc1489d74c53f0d2b2f71ae4d2f32876152ec29fe04aurn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-ite2IfM2OFZGGUiBb' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-ite2IfM2OFZGGUiBb', '--output', '/tmp/tmps2p8s84v.xml', '/tmp/tmpqr1ycnu1.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ----------------------------- Captured stdout call ----------------------------- http://www.w3.org/2000/09/xmldsig#sha1 ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmpqr1ycnu1.xml" output= __________________ TestSignedResponse.test_signed_response_1 ___________________ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=fa391d5e6f785fc00cf6ff35a62082a3a7b500899f5a273e044f319eea933405urn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-d4U2kCEgl5uoervpI' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: > (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:796: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = com_list = ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', ...] extra_args = ['/tmp/tmp0_0qfj07.xml'] def _run_xmlsec(self, com_list, extra_args): """ Common code to invoke xmlsec and parse the output. :param com_list: Key-value parameter list for xmlsec :param extra_args: Positional parameters to be appended after all key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ with NamedTemporaryFile(suffix=".xml") as ntf: com_list.extend(["--output", ntf.name]) if self.version_nums >= (1, 3): com_list.extend(['--lax-key-search']) com_list += extra_args logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() p_out = p_out.decode() p_err = p_err.decode() if pof.returncode != 0: errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) > raise XmlsecError(errmsg) E saml2.sigver.XmlsecError: returncode=1 E error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate E func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest E func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 E func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: E func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL E func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: E func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: E func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: E Error: signature failed E Error: failed to sign file "/tmp/tmp0_0qfj07.xml" E E output= ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:870: XmlsecError The above exception was the direct cause of the following exception: self = def test_signed_response_1(self): > signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=self.name_id, sign_response=True, sign_assertion=True, ) tests/test_52_default_sign_alg.py:87: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:860: in create_authn_response return self._authn_response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/server.py:590: in _authn_response return self._response( ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:918: in _response return self.sign(response, to_sign=to_sign, sign_alg=sign_alg, digest_alg=digest_alg) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/entity.py:524: in sign return signed_instance_factory(msg, self.sec, to_sign) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:331: in signed_instance_factory signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1695: in sign_statement return self.crypto.sign_statement( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = statement = b'urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=urn:mace:example.com:saml:roland:idpMIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0GA1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJsiojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSwmDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6mrPzGzk3ECbupFnqyREH3+ZPSdk=fa391d5e6f785fc00cf6ff35a62082a3a7b500899f5a273e044f319eea933405urn:mace:example.com:saml:roland:spDerekJeterderek@nyy.mlb.comThe man' node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' key_file = '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key' node_id = 'id-d4U2kCEgl5uoervpI' def sign_statement(self, statement, node_name, key_file, node_id): """ Sign an XML statement. :param statement: The statement to be signed :param node_name: string like 'urn:oasis:names:...:Assertion' :param key_file: The file where the key can be found :param node_id: :return: The signed statement """ if isinstance(statement, SamlBase): statement = str(statement) tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, "--sign", "--privkey-pem", key_file, "--id-attr:ID", node_name, ] if node_id: com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: > raise SignatureError(com_list) from e E saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-d4U2kCEgl5uoervpI', '--output', '/tmp/tmpy2295s7r.xml', '/tmp/tmp0_0qfj07.xml'] ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:798: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=389:obj=x509-store:subj=unknown:error=71:certificate verification failed:X509_verify_cert: subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLX509StoreVerify:file=x509vfy.c:line=432:obj=x509-store:subj=unknown:error=71:certificate verification failed:subject=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; issuer=/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd; err=18; msg=self-signed certificate func=xmlSecOpenSSLEvpSignatureExecute:file=evp_signatures.c:line=562:obj=rsa-sha1:subj=EVP_SignFinal:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1934:obj=rsa-sha1:subj=xmlSecTransformExecute:error=1:xmlsec library function failed:final=1 func=xmlSecTransformIOBufferClose:file=transforms.c:line=2563:obj=rsa-sha1:subj=xmlSecTransformPushBin:error=1:xmlsec library function failed: func=xmlSecTransformC14NPushXml:file=c14n.c:line=243:obj=exc-c14n:subj=xmlOutputBufferClose:error=5:libxml2 library function failed:xml error: 0: NULL func=xmlSecTransformCtxXmlExecute:file=transforms.c:line=1052:obj=exc-c14n:subj=xmlSecTransformPushXml:error=1:xmlsec library function failed: func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=561:obj=unknown:subj=xmlSecTransformCtxXmlExecute:error=1:xmlsec library function failed: func=xmlSecDSigCtxSign:file=xmldsig.c:line=296:obj=unknown:subj=xmlSecDSigCtxProcessSignatureNode:error=1:xmlsec library function failed: Error: signature failed Error: failed to sign file "/tmp/tmp0_0qfj07.xml" output= _____________________________________ test _____________________________________ def test(): with closing(Server(config_file=dotname("idp_all_conf"))) as idp: conf = SPConfig() conf.load_file(dotname("servera_conf")) sp = Saml2Client(conf) srvs = sp.metadata.single_sign_on_service(idp.config.entityid, BINDING_HTTP_REDIRECT) destination = srvs[0]["location"] req_id, req = sp.create_authn_request(destination, id="id1") > info = http_redirect_message( req, destination, relay_state="RS", typ="SAMLRequest", sigalg=SIG_RSA_SHA1, sign=True, backend=sp.sec.sec_backend, ) tests/test_70_redirect_signing.py:33: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/pack.py:182: in http_redirect_message args["Signature"] = base64.b64encode(signer.sign(string_enc)) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:521: in sign return saml2.cryptography.asymmetric.key_sign(key or self.key, msg, self.digest) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rsakey = message = b'SAMLRequest=pZNfb9MwFMW%2FSuT3%2FKvK6Kw2UmmZqBhQtWESvBn7rrWwrzPfm5F9%2BylZJvoAERKv9rk%2BPx8fL5EKuW75jAd4aIE46bxDkkjFSrQRZVBkSaLyQJK1PK4%2F3cpZVsgmBg46ODEOkPJuekIRQWQbUCS77UpYk35rHhr3viyvu%2B3VzcfyzojkDiLZgCsxywqR7Iha2CGxQl6JWTGbp2WZlvO6uJbzK1m8%2BS6SLRBbVDxMnZkbmecuaOXOgVguisUiJwp5BGMjaBbJfiR%2FZ9FYPE1D%2F3gRkfxQ1%2Ft0%2F%2BVYi2T9epFNQGo9xCPER6vh6%2BH2N4HFU8BMK1YunGyXEfQsb%2FPB%2F9EaiJ%2BVhxdzrzRI6JRvHGQ6%2BCFMGYNTaCQ1oloOC0MaMbkJ0Suexu5XrEnvB6kEZMtPovoHr2V%2BYVUt%2B3aMxQAz1GQTkKHjZBN8o6KlPnXolOZXykvVximiA9xXk73QUvc6ILlXRL9CNP0TgWYwdVRITYg8cv3x8P%2F3ra2H4xPqOvwEnLTK%2F5rIuHf5l6pn&RelayState=RS&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1' digest = def key_sign(rsakey, message, digest): """Sign the given message with the RSA key.""" padding = _asymmetric.padding.PKCS1v15() > signature = rsakey.sign(message, padding, digest) E cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by this backend for RSA signing. ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/asymmetric.py:17: UnsupportedAlgorithm _ TestAuthnResponse.test_signed_assertion_with_random_embedded_cert_should_be_ignored _ self = mock_validate_on_or_after = @patch("saml2.response.validate_on_or_after", return_value=True) def test_signed_assertion_with_random_embedded_cert_should_be_ignored(self, mock_validate_on_or_after): """ if the embedded cert is not ignored then verification will fail """ conf = config_factory("sp", dotname("server_conf")) ar = authn_response(conf, return_addrs="https://51.15.251.81.xip.io/acs/post") ar.issue_instant_ok = Mock(return_value=True) with open(SIGNED_ASSERTION_RANDOM_EMBEDDED_CERT) as fp: xml_response = fp.read() ar.outstanding_queries = {"id-abc": "http://localhost:8088/sso"} ar.timeslack = 10000 # .loads does not check the assertion, only the response signature # use .verify to verify the contents of the response assert ar.loads(xml_response, decode=False) > assert ar.verify() tests/test_xmlsec1_key_data.py:78: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/response.py:1026: in verify if self.parse_assertion(keys): ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/response.py:918: in parse_assertion if not self._assertion(assertion, False): ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/response.py:791: in _assertion self.sec.check_signature(assertion, class_name(assertion), self.xmlstr) ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1538: in check_signature return self._check_signature( _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = decoded_xml = '\n\n urn:mace:example.com:saml:roland:idp\n \n \n \n \n urn:mace:example.com:saml:roland:idp\n \n \n \n \n \n \n \n \n \n \n NHB0WhPWj5OyRz9N52fZrEBWK3dXT2pVVT54f4kg1tM=\n \n \n Mo4ZheAEDvdPQwWvT5SOYZZ2IBELwtmBpdsn+Th+IvsanychWQ6JHYKTI8hl+3DigbqQwdsqet8n9sfdvr+D+Q7XozjVaFPdzUGC9d96Mn/vrc+JIP/ESoDjDUQEsoSBhUFlrbu7tPJDJehPgd/maIwd/GqEHWXFlm1ZWVCmaH8=\n \n \n MIIFLDCCBBSgAwIBAgISA3UxXAgBWRS1D74GOLiAjky6MA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMTAxMTcyMDIxNTNaFw0yMTA0MTcyMDIxNTNaMB4xHDAaBgNVBAMTEzUxLjE1LjI1MS44MS54aXAuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkjSN9vZDOwE1m7g1vyiwBsKBKNItyy05BcHUkM8fabBcsavugT8uE4wYz5aeZrnKb5dbDLHaZe6Dl5GHgRO8s7REwSJ/BHT3/eMaEakLwIGE5/6QSWuBjOawPfmYarW5IqoITjSt/o/jxu3haouqbr7XYf1WOuZmc6iwGnEgm0+cVB4CA0VGnnLYfsjp9iMt3pFI8a8ipdwp5lfzZU+j8JMVEn6SZhNjjTAjcakBQmZv4Q5/yU6yqfGjG47DO62xB/PPbDy78hDorER2v8UkoDTGV4aZrZaNltHBUxNohIiQnkhuakMmbf0NhA2ExBJw6KTCCxfYkyUX3CgYzaAnxAgMBAAGjggJOMIICSjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFHD7gcF0sNITPqhwcUlFyOBrkxRFMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMB4GA1UdEQQXMBWCEzUxLjE1LjI1MS44MS54aXAuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQBc3EOS/uarRUSxXprUVuYQN/vV+kfcoXOUsl7m9scOygAAAXcSOcqvAAAEAwBGMEQCIFhvPWYY+2VO55bHO1Sa9zJQk7B1kvCi7sfDCxAYp7mEAiBTKx6XD0GkfNGhji0LGuelvfD7gZOUSzURlJW1ahYcgQB3APZclC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAABdxI5yq4AAAQDAEgwRgIhAONNwcNZ66IxsWcUNDS0B9KV8Kk4VS9b/wUFNBHAQl3SAiEAxO5GwgaK3glL/6L/J7qpiedJBAs3h5406MWC0v4uYZ8wDQYJKoZIhvcNAQELBQADggEBAAZgbgfOb4+uI9kMGF4fMiompHeUFDXGyIND6y4FsfWHJG4Fn3aG+VQN/UtHeO8UusjS13/2yw3O+PeNTstBl+q6Ssega8zTYx2j3h3RFqM9JR8SWa83B0UTgyaxX3PTmfegV4/RZxC7KQ8pqjcLwKJSTgZF6W40Jo16tKVoi0VQY/2Gre6E9D1tPVw//mDGJST/5IcbFvtr79uft76IA+T674qNgAriBKxWncSbGzE42w2QsYsGMHHJn3vKbNl7alll9eJBqvdi1Q7ay86oI7NDQ0PPwjnB0/i4BOO0qQBcBSUIPPEChcrooEqN9PwM20aoyIjje0rtDGSxnEQRrg0=\n MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFowMjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMTAlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLsjVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKpTm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnBU840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1RoYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kHejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfLqjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9pO5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2TwUdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg==\n \n \n \n \n attack-name-id\n \n \n \n \n \n \n urn:mace:example.com:saml:roland:sp\n \n \n \n \n urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified\n \n \n \n\n' item = node_name = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' origdoc = '\n\n urn:mace:example.com:saml:roland:idp\n \n \n \n \n urn:mace:example.com:saml:roland:idp\n \n \n \n \n \n \n \n \n \n \n NHB0WhPWj5OyRz9N52fZrEBWK3dXT2pVVT54f4kg1tM=\n \n \n Mo4ZheAEDvdPQwWvT5SOYZZ2IBELwtmBpdsn+Th+IvsanychWQ6JHYKTI8hl+3DigbqQwdsqet8n9sfdvr+D+Q7XozjVaFPdzUGC9d96Mn/vrc+JIP/ESoDjDUQEsoSBhUFlrbu7tPJDJehPgd/maIwd/GqEHWXFlm1ZWVCmaH8=\n \n \n MIIFLDCCBBSgAwIBAgISA3UxXAgBWRS1D74GOLiAjky6MA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQswCQYDVQQDEwJSMzAeFw0yMTAxMTcyMDIxNTNaFw0yMTA0MTcyMDIxNTNaMB4xHDAaBgNVBAMTEzUxLjE1LjI1MS44MS54aXAuaW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkjSN9vZDOwE1m7g1vyiwBsKBKNItyy05BcHUkM8fabBcsavugT8uE4wYz5aeZrnKb5dbDLHaZe6Dl5GHgRO8s7REwSJ/BHT3/eMaEakLwIGE5/6QSWuBjOawPfmYarW5IqoITjSt/o/jxu3haouqbr7XYf1WOuZmc6iwGnEgm0+cVB4CA0VGnnLYfsjp9iMt3pFI8a8ipdwp5lfzZU+j8JMVEn6SZhNjjTAjcakBQmZv4Q5/yU6yqfGjG47DO62xB/PPbDy78hDorER2v8UkoDTGV4aZrZaNltHBUxNohIiQnkhuakMmbf0NhA2ExBJw6KTCCxfYkyUX3CgYzaAnxAgMBAAGjggJOMIICSjAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFHD7gcF0sNITPqhwcUlFyOBrkxRFMB8GA1UdIwQYMBaAFBQusxe3WFbLrlAJQOYfr52LFMLGMFUGCCsGAQUFBwEBBEkwRzAhBggrBgEFBQcwAYYVaHR0cDovL3IzLm8ubGVuY3Iub3JnMCIGCCsGAQUFBzAChhZodHRwOi8vcjMuaS5sZW5jci5vcmcvMB4GA1UdEQQXMBWCEzUxLjE1LjI1MS44MS54aXAuaW8wTAYDVR0gBEUwQzAIBgZngQwBAgEwNwYLKwYBBAGC3xMBAQEwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nwcy5sZXRzZW5jcnlwdC5vcmcwggEEBgorBgEEAdZ5AgQCBIH1BIHyAPAAdQBc3EOS/uarRUSxXprUVuYQN/vV+kfcoXOUsl7m9scOygAAAXcSOcqvAAAEAwBGMEQCIFhvPWYY+2VO55bHO1Sa9zJQk7B1kvCi7sfDCxAYp7mEAiBTKx6XD0GkfNGhji0LGuelvfD7gZOUSzURlJW1ahYcgQB3APZclC/RdzAiFFQYCDCUVo7jTRMZM7/fDC8gC8xO8WTjAAABdxI5yq4AAAQDAEgwRgIhAONNwcNZ66IxsWcUNDS0B9KV8Kk4VS9b/wUFNBHAQl3SAiEAxO5GwgaK3glL/6L/J7qpiedJBAs3h5406MWC0v4uYZ8wDQYJKoZIhvcNAQELBQADggEBAAZgbgfOb4+uI9kMGF4fMiompHeUFDXGyIND6y4FsfWHJG4Fn3aG+VQN/UtHeO8UusjS13/2yw3O+PeNTstBl+q6Ssega8zTYx2j3h3RFqM9JR8SWa83B0UTgyaxX3PTmfegV4/RZxC7KQ8pqjcLwKJSTgZF6W40Jo16tKVoi0VQY/2Gre6E9D1tPVw//mDGJST/5IcbFvtr79uft76IA+T674qNgAriBKxWncSbGzE42w2QsYsGMHHJn3vKbNl7alll9eJBqvdi1Q7ay86oI7NDQ0PPwjnB0/i4BOO0qQBcBSUIPPEChcrooEqN9PwM20aoyIjje0rtDGSxnEQRrg0=\n MIIEZTCCA02gAwIBAgIQQAF1BIMUpMghjISpDBbN3zANBgkqhkiG9w0BAQsFADA/MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4XDTIwMTAwNzE5MjE0MFoXDTIxMDkyOTE5MjE0MFowMjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxCzAJBgNVBAMTAlIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwIVKMz2oJTTDxLsjVWSw/iC8ZmmekKIp10mqrUrucVMsa+Oa/l1yKPXD0eUFFU1V4yeqKI5GfWCPEKpTm71O8Mu243AsFzzWTjn7c9p8FoLG77AlCQlh/o3cbMT5xys4Zvv2+Q7RVJFlqnBU840yFLuta7tj95gcOKlVKu2bQ6XpUA0ayvTvGbrZjR8+muLj1cpmfgwF126cm/7gcWt0oZYPRfH5wm78Sv3htzB2nFd1EbjzK0lwYi8YGd1ZrPxGPeiXOZT/zqItkel/xMY6pgJdz+dU/nPAeX1pnAXFK9jpP+Zs5Od3FOnBv5IhR2haa4ldbsTzFID9e1RoYvbFQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwSwYIKwYBBQUHAQEEPzA9MDsGCCsGAQUFBzAChi9odHRwOi8vYXBwcy5pZGVudHJ1c3QuY29tL3Jvb3RzL2RzdHJvb3RjYXgzLnA3YzAfBgNVHSMEGDAWgBTEp7Gkeyxx+tvhS5B1/8QVYIWJEDBUBgNVHSAETTBLMAgGBmeBDAECATA/BgsrBgEEAYLfEwEBATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vY3BzLnJvb3QteDEubGV0c2VuY3J5cHQub3JnMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuaWRlbnRydXN0LmNvbS9EU1RST09UQ0FYM0NSTC5jcmwwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEA2UzgyfWEiDcx27sT4rP8i2tiEmxYt0l+PAK3qB8oYevO4C5z70kHejWEHx2taPDY/laBL21/WKZuNTYQHHPD5b1tXgHXbnL7KqC401dk5VvCadTQsvd8S8MXjohyc9z9/G2948kLjmE6Flh9dDYrVYA9x2O+hEPGOaEOa1eePynBgPayvUfLqjBstzLhWVQLGAkXXmNs+5ZnPBxzDJOLxhF2JIbeQAcH5H0tZrUlo5ZYyOqA7s9pO5b85o3AM/OJ+CktFBQtfvBhcJVd9wvlwPsk+uyOy2HI7mNxKKgsBTt375teA2TwUdHkhVNcsAKX1H7GNNLOEADksd86wuoXvg==\n \n \n \n \n attack-name-id\n \n \n \n \n \n \n urn:mace:example.com:saml:roland:sp\n \n \n \n \n urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified\n \n \n \n\n' must = False, only_valid_cert = False, issuer = None def _check_signature( self, decoded_xml, item, node_name=NODE_NAME, origdoc=None, must=False, only_valid_cert=False, issuer=None ): try: _issuer = item.issuer.text.strip() except AttributeError: _issuer = None if _issuer is None: try: _issuer = issuer.text.strip() except AttributeError: _issuer = None # More trust in certs from metadata then certs in the XML document if self.metadata: try: _certs = self.metadata.certs(_issuer, "any", "signing") except KeyError: _certs = [] certs = [] for cert_name, cert in _certs: if isinstance(cert, str): content = pem_format(cert) tmp = make_temp(content, suffix=".pem", decode=False, delete_tmpfiles=self.delete_tmpfiles) certs.append(tmp) else: certs.append(cert) else: certs = [] if not certs and not self.only_use_keys_in_metadata: logger.debug("==== Certs from instance ====") certs = [ make_temp(content=pem_format(cert), suffix=".pem", decode=False, delete_tmpfiles=self.delete_tmpfiles) for cert in cert_from_instance(item) ] else: logger.debug("==== Certs from metadata ==== %s: %s ====", _issuer, certs) if not certs: raise MissingKey(_issuer) try: validate_doc_with_schema(str(item)) except XMLSchemaError as e: error_context = { "message": "Signature verification failed. Invalid document format.", "reason": str(e), "ID": item.id, "issuer": _issuer, "type": node_name, "document": decoded_xml, } raise SignatureError(error_context) from e # saml-core section "5.4 XML Signature Profile" defines constrains on the # xmldsig-core facilities. It explicitly dictates that enveloped signatures # are the only signatures allowed. This means that: # * Assertion/RequestType/ResponseType elements must have an ID attribute # * signatures must have a single Reference element # * the Reference element must have a URI attribute # * the URI attribute contains an anchor # * the anchor points to the enclosing element's ID attribute signed_info = item.signature.signed_info references = signed_info.reference signatures_must_have_a_single_reference_element = len(references) == 1 the_Reference_element_must_have_a_URI_attribute = signatures_must_have_a_single_reference_element and hasattr( references[0], "uri" ) the_URI_attribute_contains_an_anchor = ( the_Reference_element_must_have_a_URI_attribute and references[0].uri.startswith("#") and len(references[0].uri) > 1 ) the_anchor_points_to_the_enclosing_element_ID_attribute = ( the_URI_attribute_contains_an_anchor and references[0].uri == f"#{item.id}" ) # SAML implementations SHOULD use Exclusive Canonicalization, # with or without comments canonicalization_method_is_c14n = signed_info.canonicalization_method.algorithm in ALLOWED_CANONICALIZATIONS # Signatures in SAML messages SHOULD NOT contain transforms other than the # - enveloped signature transform # (with the identifier http://www.w3.org/2000/09/xmldsig#enveloped-signature) # - or the exclusive canonicalization transforms # (with the identifier http://www.w3.org/2001/10/xml-exc-c14n# # or http://www.w3.org/2001/10/xml-exc-c14n#WithComments). transform_algos = [transform.algorithm for transform in references[0].transforms.transform] tranform_algos_valid = ALLOWED_TRANSFORMS.intersection(transform_algos) transform_algos_n = len(transform_algos) tranform_algos_valid_n = len(tranform_algos_valid) the_number_of_transforms_is_one_or_two = ( signatures_must_have_a_single_reference_element and 1 <= transform_algos_n <= 2 ) all_transform_algs_are_allowed = ( the_number_of_transforms_is_one_or_two and transform_algos_n == tranform_algos_valid_n ) the_enveloped_signature_transform_is_defined = ( the_number_of_transforms_is_one_or_two and TRANSFORM_ENVELOPED in transform_algos ) # The element is not defined for use with SAML signatures, # and SHOULD NOT be present. # Since it can be used in service of an attacker by carrying unsigned data, # verifiers SHOULD reject signatures that contain a element. object_element_is_not_present = not item.signature.object validators = { "signatures must have a single reference element": (signatures_must_have_a_single_reference_element), "the Reference element must have a URI attribute": (the_Reference_element_must_have_a_URI_attribute), "the URI attribute contains an anchor": (the_URI_attribute_contains_an_anchor), "the anchor points to the enclosing element ID attribute": ( the_anchor_points_to_the_enclosing_element_ID_attribute ), "canonicalization method is c14n": canonicalization_method_is_c14n, "the number of transforms is one or two": (the_number_of_transforms_is_one_or_two), "all transform algs are allowed": all_transform_algs_are_allowed, "the enveloped signature transform is defined": (the_enveloped_signature_transform_is_defined), "object element is not present": object_element_is_not_present, } if not all(validators.values()): error_context = { "message": "Signature failed to meet constraints on xmldsig", "validators": validators, "item ID": item.id, "reference URI": item.signature.signed_info.reference[0].uri, "issuer": _issuer, "node name": node_name, "xml document": decoded_xml, } raise SignatureError(error_context) verified = False last_pem_file = None for pem_fd in certs: try: last_pem_file = pem_fd.name if self.verify_signature( decoded_xml, pem_fd.name, node_name=node_name, node_id=item.id, ): verified = True break except XmlsecError as exc: logger.error("check_sig: %s", str(exc)) except Exception as exc: logger.error("check_sig: %s", str(exc)) raise if verified or only_valid_cert: if not self.cert_handler.verify_cert(last_pem_file): raise CertificateError("Invalid certificate!") else: > raise SignatureError("Failed to verify signature") E saml2.sigver.SignatureError: Failed to verify signature ../BUILDROOT/usr/lib/python3.13/site-packages/saml2/sigver.py:1525: SignatureError ------------------------------ Captured log call ------------------------------- ERROR saml2.sigver:sigver.py:869 returncode=1 error=func=xmlSecOpenSSLEvpSignatureVerify:file=evp_signatures.c:line=449:obj=rsa-sha1:subj=EVP_VerifyFinal_ex:error=4:crypto library function failed:openssl error: error:03000098:digital envelope routines::invalid digest func=xmlSecTransformVerifyNodeContent:file=transforms.c:line=1544:obj=rsa-sha1:subj=xmlSecTransformVerify:error=1:xmlsec library function failed: func=xmlSecDSigCtxVerify:file=xmldsig.c:line=367:obj=unknown:subj=xmlSecTransformVerifyNodeContent:error=1:xmlsec library function failed: Error: signature failed ERROR SignedInfo References (ok/all): 1/1 Manifests References (ok/all): 0/0 Error: failed to verify file "/tmp/tmpz82vrmyf.xml" output= ERROR saml2.sigver:sigver.py:1516 check_sig: ['/usr/bin/xmlsec1', '--verify', '--enabled-reference-uris', 'empty,same-doc', '--enabled-key-data', 'raw-x509-cert', '--pubkey-cert-pem', '/tmp/tmpw37mxsgd.pem', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'the-assertion-id', '--output', '/tmp/tmpkdcp4cpg.xml', '/tmp/tmpz82vrmyf.xml'] ERROR saml2.response:response.py:793 correctly_signed_response: Failed to verify signature =============================== warnings summary =============================== ../../../../../usr/lib64/python3.13/site-packages/bson/__init__.py:193 /usr/lib64/python3.13/site-packages/bson/__init__.py:193: DeprecationWarning: datetime.datetime.utcfromtimestamp() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.fromtimestamp(timestamp, datetime.UTC). EPOCH_NAIVE = datetime.datetime.utcfromtimestamp(0) tests/test_10_time_util.py: 2 warnings tests/test_20_assertion.py: 6 warnings tests/test_32_cache.py: 5 warnings tests/test_34_population.py: 4 warnings tests/test_41_response.py: 4 warnings tests/test_42_enc.py: 6 warnings tests/test_44_authnresp.py: 4 warnings tests/test_50_server.py: 160 warnings tests/test_51_client.py: 145 warnings tests/test_52_default_sign_alg.py: 6 warnings tests/test_62_vo.py: 2 warnings tests/test_63_ecp.py: 5 warnings tests/test_64_artifact.py: 4 warnings tests/test_65_authn_query.py: 7 warnings tests/test_66_name_id_mapping.py: 2 warnings tests/test_67_manage_name_id.py: 3 warnings tests/test_68_assertion_id.py: 4 warnings tests/test_89_http_post_relay_state.py: 2 warnings /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/time_util.py:177: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC). return datetime.utcnow() + delta tests/test_50_server.py: 7 warnings tests/test_51_client.py: 27 warnings tests/test_63_ecp.py: 3 warnings tests/test_64_artifact.py: 2 warnings tests/test_65_authn_query.py: 5 warnings tests/test_66_name_id_mapping.py: 2 warnings tests/test_67_manage_name_id.py: 3 warnings tests/test_68_assertion_id.py: 2 warnings /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/time_util.py:187: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC). return datetime.utcnow() - delta tests/test_50_server.py: 18 warnings tests/test_51_client.py: 10 warnings tests/test_81_certificates.py: 12 warnings /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cert.py:141: DeprecationWarning: CSR support in pyOpenSSL is deprecated. You should use the APIs in cryptography. cert = crypto.X509Req() tests/test_50_server.py: 18 warnings tests/test_51_client.py: 10 warnings tests/test_81_certificates.py: 12 warnings /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cert.py:161: DeprecationWarning: CSR support in pyOpenSSL is deprecated. You should use the APIs in cryptography. tmp_cert = crypto.dump_certificate_request(crypto.FILETYPE_PEM, cert) tests/test_50_server.py: 18 warnings tests/test_51_client.py: 10 warnings tests/test_81_certificates.py: 12 warnings /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cert.py:246: DeprecationWarning: CSR support in pyOpenSSL is deprecated. You should use the APIs in cryptography. req_cert = crypto.load_certificate_request(crypto.FILETYPE_PEM, request_cert_str) tests/test_50_server.py: 8 warnings tests/test_81_certificates.py: 17 warnings /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cert.py:281: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal in a future version. Use timezone-aware objects to represent datetimes in UTC: datetime.datetime.now(datetime.UTC). now = pytz.UTC.localize(datetime.datetime.utcnow()) tests/test_50_server.py::TestServer1::test_encrypted_response_6 tests/test_50_server.py::TestServer1::test_encrypted_response_6 tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_6 tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_6 tests/test_81_certificates.py::TestGenerateCertificates::test_validate_cert_chains tests/test_81_certificates.py::TestGenerateCertificates::test_validate_expire tests/test_81_certificates.py::TestGenerateCertificates::test_validate_with_root_cert tests/test_81_certificates.py::TestGenerateCertificates::test_validate_with_root_cert tests/test_81_certificates.py::TestGenerateCertificates::test_validate_with_root_cert /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cert.py:331: DeprecationWarning: verify() is deprecated. Use the equivalent APIs in cryptography. crypto.verify(ca_cert, cert_crypto.signature, cert_crypto.tbs_certificate_bytes, cert_algorithm) tests/test_92_aes.py: 35 warnings /builddir/build/BUILD/python-pysaml2-7.4.2-build/BUILDROOT/usr/lib/python3.13/site-packages/saml2/cryptography/symmetric.py:124: DeprecationWarning: AESCipher type is deprecated. It will be removed in the next version. Use saml2.cryptography.symmetric.Default or saml2.cryptography.symmetric.Fernet instead. _warn(_deprecation_msg, DeprecationWarning) -- Docs: https://docs.pytest.org/en/stable/how-to/capture-warnings.html =========================== short test summary info ============================ SKIPPED [1] tests/test_37_entity_categories.py:296: Temporarily disabled SKIPPED [1] tests/test_37_entity_categories.py:325: Temporarily disabled SKIPPED [1] tests/test_37_entity_categories.py:358: Temporarily disabled SKIPPED [1] tests/test_40_sigver.py:101: pyasn1 is not installed SKIPPED [1] tests/test_60_sp.py:59: s2repoze dependencies not installed SKIPPED [1] tests/test_60_sp.py:62: s2repoze dependencies not installed ERROR tests/test_41_response.py::TestResponse::test_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-hJuPStQGneGHIgoXq', '--output', '/tmp/tmp872j661j.xml', '/tmp/tmpw_dwoozn.xml'] ERROR tests/test_41_response.py::TestResponse::test_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-hJuPStQGneGHIgoXq', '--output', '/tmp/tmp872j661j.xml', '/tmp/tmpw_dwoozn.xml'] ERROR tests/test_41_response.py::TestResponse::test_issuer_none - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-hJuPStQGneGHIgoXq', '--output', '/tmp/tmp872j661j.xml', '/tmp/tmpw_dwoozn.xml'] ERROR tests/test_41_response.py::TestResponse::test_false_sign - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-hJuPStQGneGHIgoXq', '--output', '/tmp/tmp872j661j.xml', '/tmp/tmpw_dwoozn.xml'] ERROR tests/test_41_response.py::TestResponse::test_other_response - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-hJuPStQGneGHIgoXq', '--output', '/tmp/tmp872j661j.xml', '/tmp/tmpw_dwoozn.xml'] ERROR tests/test_44_authnresp.py::TestAuthnResponse::test_verify_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ERROR tests/test_44_authnresp.py::TestAuthnResponse::test_verify_signed_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ERROR tests/test_44_authnresp.py::TestAuthnResponse::test_parse_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ERROR tests/test_44_authnresp.py::TestAuthnResponse::test_verify_w_authn - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ERROR tests/test_44_authnresp.py::TestAuthnResponse::test_unpack_nested_eptid - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] ERROR tests/test_44_authnresp.py::TestAuthnResponse::test_multiple_attribute_statement - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PyOyMYvUbM5R58qna', '--output', '/tmp/tmpvqmh45is.xml', '/tmp/tmpmrx3tflz.xml'] FAILED tests/test_39_metadata.py::test_signed_metadata_proper_str_bytes_handling - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:metadata:EntityDescriptor', '--output', '/tmp/tmppxxa5dli.xml', '/tmp/tmplqjrl2m6.xml'] FAILED tests/test_40_sigver.py::TestSecurity::test_sign_assertion - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpiyp7ncis.xml', '/tmp/tmposoci60c.xml'] FAILED tests/test_40_sigver.py::TestSecurity::test_multiple_signatures_assertion - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpfr5z7zx8.xml', '/tmp/tmptuvvgefj.xml'] FAILED tests/test_40_sigver.py::TestSecurity::test_multiple_signatures_response - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpk6_abcmj.xml', '/tmp/tmpjrotcmhq.xml'] FAILED tests/test_40_sigver.py::TestSecurity::test_sign_response - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpheqmgdaf.xml', '/tmp/tmp3_fomgrt.xml'] FAILED tests/test_40_sigver.py::TestSecurity::test_sign_response_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11122', '--output', '/tmp/tmptj7vy8z4.xml', '/tmp/tmphxruip23.xml'] FAILED tests/test_40_sigver.py::TestSecurity::test_sign_verify - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmplhdn5x1y.xml', '/tmp/tmp9vew77m9.xml'] FAILED tests/test_40_sigver.py::TestSecurity::test_sign_verify_with_cert_from_instance - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpomjw_pha.xml', '/tmp/tmpmv4o2ztf.xml'] FAILED tests/test_40_sigver.py::TestSecurity::test_sign_verify_assertion_with_cert_from_instance - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11100', '--output', '/tmp/tmp_nwjqffc.xml', '/tmp/tmpj1557288.xml'] FAILED tests/test_40_sigver.py::TestSecurity::test_exception_sign_verify_with_cert_from_instance - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-22222', '--output', '/tmp/tmps4nshkr4.xml', '/tmp/tmp5z7rbcs1.xml'] FAILED tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_assertion - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpk2dg0zw_.xml', '/tmp/tmpr5jqk7qm.xml'] FAILED tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_multiple_signatures_assertion - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmp72q_3_0k.xml', '/tmp/tmpa1kekj1k.xml'] FAILED tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_multiple_signatures_response - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmp21zy2zgx.xml', '/tmp/tmpc7jlsvpd.xml'] FAILED tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_response - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpsc6c2stl.xml', '/tmp/tmp98fikr0l.xml'] FAILED tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_response_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11122', '--output', '/tmp/tmp3o5yqk29.xml', '/tmp/tmp5y45dmcq.xml'] FAILED tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_verify - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpqx1bzu0t.xml', '/tmp/tmpgg328ijq.xml'] FAILED tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_verify_with_cert_from_instance - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpk_0esw4y.xml', '/tmp/tmpoielehpa.xml'] FAILED tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_sign_verify_assertion_with_cert_from_instance - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11100', '--output', '/tmp/tmptudmm2mc.xml', '/tmp/tmpgymicu_0.xml'] FAILED tests/test_40_sigver.py::TestSecurityNonAsciiAva::test_exception_sign_verify_with_cert_from_instance - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-22222', '--output', '/tmp/tmplt3sbksz.xml', '/tmp/tmpqcu9v68s.xml'] FAILED tests/test_40_sigver.py::test_xbox - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmp_sumhu01.xml', '/tmp/tmpihsdeetl.xml'] FAILED tests/test_40_sigver.py::test_xbox_non_ascii_ava - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-11111', '--output', '/tmp/tmpn7_wim4c.xml', '/tmp/tmpl2poq6j5.xml'] FAILED tests/test_50_server.py::TestServer1::test_signed_response - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-0Gz9UUhm1VxQ0njSV', '--output', '/tmp/tmpqz4or8kp.xml', '/tmp/tmp_o0899i5.xml'] FAILED tests/test_50_server.py::TestServer1::test_signed_response_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-RBcCGIcxbG1M41Xhs', '--output', '/tmp/tmpnmi2j8hw.xml', '/tmp/tmpt0aguj_s.xml'] FAILED tests/test_50_server.py::TestServer1::test_signed_response_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-Ziafb04JcgZIbuux2', '--output', '/tmp/tmps32s82v_.xml', '/tmp/tmp5lffp91u.xml'] FAILED tests/test_50_server.py::TestServer1::test_signed_response_3 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-NDttN26JCBl65LyDm', '--output', '/tmp/tmpk5w2eaqp.xml', '/tmp/tmpu7n7gk8u.xml'] FAILED tests/test_50_server.py::TestServer1::test_encrypted_signed_response_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-Alm0rti0RCzP4ENQT', '--output', '/tmp/tmpqlw2h6ty.xml', '/tmp/tmp6dqun4d6.xml'] FAILED tests/test_50_server.py::TestServer1::test_encrypted_signed_response_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-DpIWKDnCJP0bAL0TS', '--output', '/tmp/tmp7yggpw1e.xml', '/tmp/tmpa1d38zdw.xml'] FAILED tests/test_50_server.py::TestServer1::test_encrypted_signed_response_3 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-uYbYYgcAtHSgiTbLx', '--output', '/tmp/tmpm2k74ivo.xml', '/tmp/tmp2p6lbgax.xml'] FAILED tests/test_50_server.py::TestServer1::test_encrypted_signed_response_4 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-FAOPUZocQ5rpVUGko', '--output', '/tmp/tmpomwz82g4.xml', '/tmp/tmpqwks3l3z.xml'] FAILED tests/test_50_server.py::TestServer1NonAsciiAva::test_signed_response - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-jEG0tyQoiSUdUyYHq', '--output', '/tmp/tmpjcdptgl1.xml', '/tmp/tmpeax1813k.xml'] FAILED tests/test_50_server.py::TestServer1NonAsciiAva::test_signed_response_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-1njYsbMxawQ3ZmMxv', '--output', '/tmp/tmpu18q4bj4.xml', '/tmp/tmp9gpj3kvp.xml'] FAILED tests/test_50_server.py::TestServer1NonAsciiAva::test_signed_response_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-KXfqr2UY081sbWWg9', '--output', '/tmp/tmp2hl7vx8e.xml', '/tmp/tmpgis3fp41.xml'] FAILED tests/test_50_server.py::TestServer1NonAsciiAva::test_signed_response_3 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-rmqLR8Erq4B0Mnyzh', '--output', '/tmp/tmpp2s155dq.xml', '/tmp/tmppmca5ni2.xml'] FAILED tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_signed_response_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-zduoBe77nVZgnvfwa', '--output', '/tmp/tmpany64e6y.xml', '/tmp/tmpqavvatw4.xml'] FAILED tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_signed_response_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-LAPwP5soJp6W3SUPc', '--output', '/tmp/tmpnxpjd61s.xml', '/tmp/tmpygt_6dp3.xml'] FAILED tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_signed_response_3 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-6E7KMc1eRhpUASjO5', '--output', '/tmp/tmp6qgprldo.xml', '/tmp/tmp6aurqc9d.xml'] FAILED tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_signed_response_4 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-gUt0T1RM0KClBqjjb', '--output', '/tmp/tmpmkmh_g6o.xml', '/tmp/tmpqd0mfhbf.xml'] FAILED tests/test_51_client.py::TestClient::test_sign_auth_request_0 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest', '--node-id', 'id1', '--output', '/tmp/tmpcglqf0gl.xml', '/tmp/tmp1gbdke84.xml'] FAILED tests/test_51_client.py::TestClient::test_logout_response - saml2.SAMLError: {'message': 'No supported bindings found to create LogoutResponse', 'issuer': 'urn:mace:example.com:saml:roland:idp', 'response_bindings': ['urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect']} FAILED tests/test_51_client.py::TestClient::test_response_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-8n8zkRsWwpnmHcBJ8', '--output', '/tmp/tmpw3vx_iq_.xml', '/tmp/tmp5cujdgje.xml'] FAILED tests/test_51_client.py::TestClient::test_response_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-vFUVwHRj1g4pac24T', '--output', '/tmp/tmppf5_y1e_.xml', '/tmp/tmp3r8tppg8.xml'] FAILED tests/test_51_client.py::TestClient::test_response_3 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-W663l1bMLtV4lRqnV', '--output', '/tmp/tmpb_19t3ug.xml', '/tmp/tmpugkaump4.xml'] FAILED tests/test_51_client.py::TestClient::test_response_4 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-9k2ePNKkRijPKvXD9', '--output', '/tmp/tmpiy0yon2b.xml', '/tmp/tmphgrd_lea.xml'] FAILED tests/test_51_client.py::TestClient::test_response_5 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-oTA1QuNwJOFnxtJc6', '--output', '/tmp/tmpc_nzrv27.xml', '/tmp/tmp0wjpjat_.xml'] FAILED tests/test_51_client.py::TestClient::test_response_6 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-VCtk3qmCtjZmuZE0q', '--output', '/tmp/tmp64qvp6lp.xml', '/tmp/tmpl1pttpns.xml'] FAILED tests/test_51_client.py::TestClient::test_response_7 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-tb8muekgOkbt8yEoH', '--output', '/tmp/tmp7b12l42r.xml', '/tmp/tmp6__3tlhq.xml'] FAILED tests/test_51_client.py::TestClient::test_response_8 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-b7CPdVEmATKJO5w6C', '--output', '/tmp/tmpto157otm.xml', '/tmp/tmpx0_w7crm.xml'] FAILED tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-RLIkHbUith2sp4v0h', '--output', '/tmp/tmpq1je0x4h.xml', '/tmp/tmp4dx0gpri.xml'] FAILED tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-dPln1sBmWfdVyZLpd', '--output', '/tmp/tmp7s_s_4m6.xml', '/tmp/tmpyc6_bm_5.xml'] FAILED tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion_advice_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-ry5eo6xodatpCLkw8', '--output', '/tmp/tmpaonipbri.xml', '/tmp/tmpnywvej89.xml'] FAILED tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion_advice_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-PsG6qL4jJtVlS7sy9', '--output', '/tmp/tmppbk7yv70.xml', '/tmp/tmps8fane72.xml'] FAILED tests/test_51_client.py::TestClient::test_signed_with_default_algo_redirect - cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by this backend for RSA signing. FAILED tests/test_51_client.py::TestClient::test_do_logout_signed_redirect - cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by this backend for RSA signing. FAILED tests/test_51_client.py::TestClient::test_do_logout_signed_redirect_invalid - cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by this backend for RSA signing. FAILED tests/test_51_client.py::TestClient::test_do_logout_post - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', '--node-id', 'id-gzsf9frpqP1MrLxHD', '--output', '/tmp/tmpq4_u70fn.xml', '/tmp/tmpr2agz_64.xml'] FAILED tests/test_51_client.py::TestClient::test_do_logout_session_expired - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', '--node-id', 'id-p9jUlh2LvJafJKauM', '--output', '/tmp/tmp8q8ryeho.xml', '/tmp/tmpzxmcy4ei.xml'] FAILED tests/test_51_client.py::TestClient::test_signature_wants - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-KuUw8viD60Fye7YiJ', '--output', '/tmp/tmptcjxmq5x.xml', '/tmp/tmp8l0b85dk.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_sign_auth_request_0 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest', '--node-id', 'id1', '--output', '/tmp/tmpn6ym0d3r.xml', '/tmp/tmpx3z06cl5.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_response_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:Response', '--node-id', 'id-V5M9GNMsBsAtnIXek', '--output', '/tmp/tmpfp3hsabp.xml', '/tmp/tmp133rdgw9.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_response_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-VReVMkBGxu21YaP5a', '--output', '/tmp/tmpc_sp8ost.xml', '/tmp/tmpf815t6h6.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_response_3 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-WmXXdTckrSIud5ymd', '--output', '/tmp/tmptbb0fhs4.xml', '/tmp/tmpfjwflnt2.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_response_4 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-04iESq0zhEQS3bLpu', '--output', '/tmp/tmpqvlguljj.xml', '/tmp/tmpavt1085_.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_response_5 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-b0eKJeliVD7GHvq47', '--output', '/tmp/tmprrfnggc_.xml', '/tmp/tmpsy04edmg.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_response_6 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-xOkw62bp0Uj14hQFq', '--output', '/tmp/tmpoj2vgevv.xml', '/tmp/tmpp0_si__9.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_response_7 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-cXuMDNVeNCqRg4f8K', '--output', '/tmp/tmp38zk_3oj.xml', '/tmp/tmpnhhvthtg.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_response_8 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-xJnsL1xiLFMgLhJwg', '--output', '/tmp/tmpedplml10.xml', '/tmp/tmp17u6twqb.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-NRYXEKaUUgc1akr7J', '--output', '/tmp/tmpj87r93fn.xml', '/tmp/tmpx1xattoj.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-RCUpRmyfGpEmwYm9r', '--output', '/tmp/tmpag_ch7qq.xml', '/tmp/tmprn6unsuy.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion_advice_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-TLcBsjm87DuO7iTPy', '--output', '/tmp/tmpza8ndkou.xml', '/tmp/tmpucx0bxu9.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion_advice_2 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-Ykgbup5i9gfwg8Zw3', '--output', '/tmp/tmptsso23du.xml', '/tmp/tmpi0ogytg3.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_do_logout_signed_redirect - cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by this backend for RSA signing. FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_do_logout_post - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', '--node-id', 'id-99fCjzC9fFaBvE9yD', '--output', '/tmp/tmp6s9gkub9.xml', '/tmp/tmphnks4gsx.xml'] FAILED tests/test_51_client.py::TestClientNonAsciiAva::test_do_logout_session_expired - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest', '--node-id', 'id-OsARhoSihF6W4Ki23', '--output', '/tmp/tmpwz2wwcca.xml', '/tmp/tmp2j283l6f.xml'] FAILED tests/test_52_default_sign_alg.py::TestSignedResponse::test_signed_response - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-ite2IfM2OFZGGUiBb', '--output', '/tmp/tmps2p8s84v.xml', '/tmp/tmpqr1ycnu1.xml'] FAILED tests/test_52_default_sign_alg.py::TestSignedResponse::test_signed_response_1 - saml2.sigver.SignatureError: ['/usr/bin/xmlsec1', '--sign', '--privkey-pem', '/builddir/build/BUILD/python-pysaml2-7.4.2-build/pysaml2-7.4.2/tests/test.key', '--id-attr:ID', 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion', '--node-id', 'id-d4U2kCEgl5uoervpI', '--output', '/tmp/tmpy2295s7r.xml', '/tmp/tmp0_0qfj07.xml'] FAILED tests/test_70_redirect_signing.py::test - cryptography.exceptions.UnsupportedAlgorithm: sha1 is not supported by this backend for RSA signing. FAILED tests/test_xmlsec1_key_data.py::TestAuthnResponse::test_signed_assertion_with_random_embedded_cert_should_be_ignored - saml2.sigver.SignatureError: Failed to verify signature = 77 failed, 691 passed, 6 skipped, 612 warnings, 11 errors in 171.57s (0:02:51) = RPM build errors: error: Bad exit status from /var/tmp/rpm-tmp.L1OQPe (%check) Bad exit status from /var/tmp/rpm-tmp.L1OQPe (%check) Finish: rpmbuild python-pysaml2-7.4.2-6.fc42.src.rpm Finish: build phase for python-pysaml2-7.4.2-6.fc42.src.rpm INFO: chroot_scan: 1 files copied to /var/lib/copr-rpmbuild/results/chroot_scan INFO: /var/lib/mock/fedora-rawhide-x86_64-1731577445.236555/root/var/log/dnf5.log INFO: chroot_scan: creating tarball /var/lib/copr-rpmbuild/results/chroot_scan.tar.gz /bin/tar: Removing leading `/' from member names ERROR: Exception(/var/lib/copr-rpmbuild/results/python-pysaml2-7.4.2-6.fc42.src.rpm) Config(fedora-rawhide-x86_64) 3 minutes 21 seconds INFO: Results and/or logs in: /var/lib/copr-rpmbuild/results INFO: Cleaning up build root ('cleanup_on_failure=True') Start: clean chroot INFO: unmounting tmpfs. Finish: clean chroot ERROR: Command failed: # /usr/bin/systemd-nspawn -q -M 12e36396510241469d552d02f176bcac -D /var/lib/mock/fedora-rawhide-x86_64-1731577445.236555/root -a -u mockbuild --capability=cap_ipc_lock --rlimit=RLIMIT_NOFILE=10240 --capability=cap_ipc_lock --bind=/tmp/mock-resolv.i5eya3v7:/etc/resolv.conf --bind=/dev/btrfs-control --bind=/dev/mapper/control --bind=/dev/fuse --bind=/dev/loop-control --bind=/dev/loop0 --bind=/dev/loop1 --bind=/dev/loop2 --bind=/dev/loop3 --bind=/dev/loop4 --bind=/dev/loop5 --bind=/dev/loop6 --bind=/dev/loop7 --bind=/dev/loop8 --bind=/dev/loop9 --bind=/dev/loop10 --bind=/dev/loop11 --console=pipe --setenv=TERM=vt100 --setenv=SHELL=/bin/bash --setenv=HOME=/builddir --setenv=HOSTNAME=mock --setenv=PATH=/usr/bin:/bin:/usr/sbin:/sbin '--setenv=PROMPT_COMMAND=printf "\033]0;\007"' '--setenv=PS1= \s-\v\$ ' --setenv=LANG=C.UTF-8 --resolv-conf=off bash --login -c '/usr/bin/rpmbuild -ba --noprep --target x86_64 /builddir/build/originals/python-pysaml2.spec' Copr build error: Build failed