Difference between sigver.signed_instance_factory and Entity.sign

c00kiemon5ter · c00kiemon5ter · commit c0c412e2f17e · 2020-12-07T22:46:36.000+02:00
Signed-off-by: Ivan Kanakarakis &lt;ivan.kanak@gmail.com&gt;
diff --git a/src/saml2/entity.py b/src/saml2/entity.py
@@ -467,7 +467,12 @@ def unpack_soap_message(text):
 
     # XXX DONE will actually use sign_alg and digest_alg for the POST-Binding
     # XXX DONE deepest level - needs to decide the sign_alg and digest_alg value
-    # XXX calls pre_signature_part
+    # XXX a controler for signed_instance_factory
+    # XXX syncs pre_signature_part and signed_instance_factory
+    # XXX makes sure pre_signature_part is called before signed_instance_factory
+    # XXX calls pre_signature_part - must have sign_alg & digest_alg
+    # XXX calls signed_instance_factory - after pre_signature_part
+    # XXX !!expects a msg object!!
     def sign(
         self,
         msg,
diff --git a/src/saml2/sigver.py b/src/saml2/sigver.py
@@ -301,6 +301,12 @@ def _instance(klass, ava, seccont, base64encode=False, elements_to_sign=None):
     return instance
 
 
+# XXX will actually sign the nodes
+# XXX assumes pre_signature_part has already been called
+# XXX calls sign without specifying sign_alg/digest_alg
+# XXX this is fine as the algs are embeded in the document
+# XXX as setup by pre_signature_part
+# XXX !!expects instance string!!
 def signed_instance_factory(instance, seccont, elements_to_sign=None):
     """
 
