Package: src:python-pysaml2
Version: 7.5.0-3
Severity: serious
Tags: ftbfs
Dear maintainer:
During a rebuild of all packages in unstable, your package failed to build:
--------------------------------------------------------------------------------
[...]
debian/rules build
make: pyversions: No such file or directory
py3versions: no X-Python3-Version in control file, using supported versions
dh build --buildsystem=pybuild --with python3,sphinxdoc
dh_update_autotools_config -O--buildsystem=pybuild
dh_autoreconf -O--buildsystem=pybuild
dh_auto_configure -O--buildsystem=pybuild
dh_auto_build -O--buildsystem=pybuild
I: pybuild plugin_pyproject:129: Building wheel for python3.13 with "build"
module
I: pybuild base:311: python3.13 -m build --skip-dependency-check --no-isolation
--wheel --outdir /<<PKGBUILDDIR>>/.pybuild/cpython3_3.13_pysaml2
* Building wheel...
Successfully built pysaml2-7.5.0-py3-none-any.whl
I: pybuild plugin_pyproject:144: Unpacking wheel built for python3.13 with
"installer" module
I: pybuild plugin_pyproject:129: Building wheel for python3.12 with "build"
module
[... snipped ...]
tests/test_51_client.py::TestClient::test_create_auth_request_0 PASSED [ 76%]
tests/test_51_client.py::TestClient::test_create_auth_request_requested_attributes
PASSED [ 76%]
tests/test_51_client.py::TestClient::test_create_auth_request_unset_force_authn_by_default
PASSED [ 76%]
tests/test_51_client.py::TestClient::test_create_auth_request_set_force_authn_not_true_or_1
PASSED [ 76%]
tests/test_51_client.py::TestClient::test_create_auth_request_set_force_authn_true
PASSED [ 76%]
tests/test_51_client.py::TestClient::test_create_auth_request_set_force_authn_1
PASSED [ 76%]
tests/test_51_client.py::TestClient::test_create_auth_request_nameid_policy_allow_create
PASSED [ 76%]
tests/test_51_client.py::TestClient::test_create_auth_request_vo PASSED [ 77%]
tests/test_51_client.py::TestClient::test_sign_auth_request_0 PASSED [ 77%]
tests/test_51_client.py::TestClient::test_logout_response PASSED [ 77%]
tests/test_51_client.py::TestClient::test_create_logout_request PASSED [ 77%]
tests/test_51_client.py::TestClient::test_response_1 PASSED [ 77%]
tests/test_51_client.py::TestClient::test_response_2 PASSED [ 77%]
tests/test_51_client.py::TestClient::test_response_3 PASSED [ 77%]
tests/test_51_client.py::TestClient::test_response_4 PASSED [ 77%]
tests/test_51_client.py::TestClient::test_response_5 PASSED [ 78%]
tests/test_51_client.py::TestClient::test_response_6 PASSED [ 78%]
tests/test_51_client.py::TestClient::test_response_7 PASSED [ 78%]
tests/test_51_client.py::TestClient::test_response_8 PASSED [ 78%]
tests/test_51_client.py::TestClient::test_response_no_name_id PASSED [ 78%]
tests/test_51_client.py::TestClient::test_init_values PASSED [ 78%]
tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion PASSED [
78%]
tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion2 PASSED [
78%]
tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion_advice_1
PASSED [ 79%]
tests/test_51_client.py::TestClient::test_sign_then_encrypt_assertion_advice_2
PASSED [ 79%]
tests/test_51_client.py::TestClient::test_signed_with_default_algo_redirect
PASSED [ 79%]
tests/test_51_client.py::TestClient::test_signed_redirect PASSED [ 79%]
tests/test_51_client.py::TestClient::test_signed_redirect_passes_if_needs_signed_requests
PASSED [ 79%]
tests/test_51_client.py::TestClient::test_signed_redirect_fail_if_needs_signed_request_but_received_unsigned
PASSED [ 79%]
tests/test_51_client.py::TestClient::test_signed_redirect_fail_if_needs_signed_request_but_sigalg_not_matches
PASSED [ 79%]
tests/test_51_client.py::TestClient::test_do_logout_signed_redirect PASSED [
79%]
tests/test_51_client.py::TestClient::test_do_logout_signed_redirect_invalid
PASSED [ 80%]
tests/test_51_client.py::TestClient::test_do_logout_post PASSED [ 80%]
tests/test_51_client.py::TestClient::test_do_logout_redirect_no_cache PASSED [
80%]
tests/test_51_client.py::TestClient::test_do_logout_session_expired PASSED [
80%]
tests/test_51_client.py::TestClient::test_signature_wants PASSED [ 80%]
tests/test_51_client.py::TestClientNonAsciiAva::test_create_attribute_query1
PASSED [ 80%]
tests/test_51_client.py::TestClientNonAsciiAva::test_create_attribute_query2
PASSED [ 80%]
tests/test_51_client.py::TestClientNonAsciiAva::test_create_attribute_query_3
PASSED [ 81%]
tests/test_51_client.py::TestClientNonAsciiAva::test_create_auth_request_0
PASSED [ 81%]
tests/test_51_client.py::TestClientNonAsciiAva::test_create_auth_request_unset_force_authn
PASSED [ 81%]
tests/test_51_client.py::TestClientNonAsciiAva::test_create_auth_request_set_force_authn
PASSED [ 81%]
tests/test_51_client.py::TestClientNonAsciiAva::test_create_auth_request_nameid_policy_allow_create
PASSED [ 81%]
tests/test_51_client.py::TestClientNonAsciiAva::test_create_auth_request_vo
PASSED [ 81%]
tests/test_51_client.py::TestClientNonAsciiAva::test_sign_auth_request_0 PASSED
[ 81%]
tests/test_51_client.py::TestClientNonAsciiAva::test_create_logout_request
PASSED [ 81%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_1 PASSED [ 82%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_2 PASSED [ 82%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_3 PASSED [ 82%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_4 PASSED [ 82%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_5 PASSED [ 82%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_6 PASSED [ 82%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_7 PASSED [ 82%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_8 PASSED [ 82%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_no_name_id PASSED
[ 83%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_error_status
PASSED [ 83%]
tests/test_51_client.py::TestClientNonAsciiAva::test_response_error_status_non_standard_status_code
PASSED [ 83%]
tests/test_51_client.py::TestClientNonAsciiAva::test_init_values PASSED [ 83%]
tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion
PASSED [ 83%]
tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion2
PASSED [ 83%]
tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion_advice_1
PASSED [ 83%]
tests/test_51_client.py::TestClientNonAsciiAva::test_sign_then_encrypt_assertion_advice_2
PASSED [ 83%]
tests/test_51_client.py::TestClientNonAsciiAva::test_signed_redirect PASSED [
84%]
tests/test_51_client.py::TestClientNonAsciiAva::test_do_logout_signed_redirect
PASSED [ 84%]
tests/test_51_client.py::TestClientNonAsciiAva::test_do_logout_post PASSED [
84%]
tests/test_51_client.py::TestClientNonAsciiAva::test_do_logout_session_expired
PASSED [ 84%]
tests/test_51_client.py::TestClientWithDummy::test_do_authn PASSED [ 84%]
tests/test_51_client.py::TestClientWithDummy::test_do_negotiated_authn PASSED [
84%]
tests/test_51_client.py::TestClientWithDummy::test_do_attribute_query PASSED [
84%]
tests/test_51_client.py::TestClientWithDummy::test_logout_1 PASSED [ 84%]
tests/test_51_client.py::TestClientWithDummy::test_post_sso PASSED [ 85%]
tests/test_51_client.py::TestClientWithDummy::test_negotiated_post_sso PASSED [
85%]
tests/test_51_client.py::TestClientNoConfigContext::test_logout_1 PASSED [ 85%]
tests/test_51_client.py::test_parse_soap_enveloped_saml_xxe PASSED [ 85%]
tests/test_52_default_sign_alg.py::TestSignedResponse::test_signed_response
PASSED [ 85%]
tests/test_52_default_sign_alg.py::TestSignedResponse::test_signed_response_1
PASSED [ 85%]
tests/test_52_default_sign_alg.py::TestSignedResponse::test_signed_response_2
PASSED [ 85%]
tests/test_60_sp.py::TestSP::test_setup PASSED [ 86%]
tests/test_60_sp.py::TestSP::test_identify PASSED [ 86%]
tests/test_62_vo.py::TestVirtualOrg::test_mta PASSED [ 86%]
tests/test_62_vo.py::TestVirtualOrg::test_unknown_subject PASSED [ 86%]
tests/test_62_vo.py::TestVirtualOrg::test_id PASSED [ 86%]
tests/test_62_vo.py::TestVirtualOrg::test_id_unknown PASSED [ 86%]
tests/test_62_vo.py::TestVirtualOrg_2::test_mta PASSED [ 86%]
tests/test_62_vo.py::TestVirtualOrg_2::test_unknown_subject PASSED [ 86%]
tests/test_62_vo.py::TestVirtualOrg_2::test_id PASSED [ 87%]
tests/test_62_vo.py::TestVirtualOrg_2::test_id_unknown PASSED [ 87%]
tests/test_63_ecp.py::test_complete_flow PASSED [ 87%]
tests/test_64_artifact.py::test_create_artifact PASSED [ 87%]
tests/test_64_artifact.py::test_create_artifact_resolve PASSED [ 87%]
tests/test_64_artifact.py::test_artifact_flow PASSED [ 87%]
tests/test_65_authn_query.py::test_basic PASSED [ 87%]
tests/test_65_authn_query.py::test_flow PASSED [ 87%]
tests/test_66_name_id_mapping.py::test_base_request PASSED [ 88%]
tests/test_66_name_id_mapping.py::test_request_response PASSED [ 88%]
tests/test_67_manage_name_id.py::test_basic PASSED [ 88%]
tests/test_67_manage_name_id.py::test_flow PASSED [ 88%]
tests/test_68_assertion_id.py::test_basic_flow PASSED [ 88%]
tests/test_69_discovery.py::test_verify PASSED [ 88%]
tests/test_69_discovery.py::test_construct_0 PASSED [ 88%]
tests/test_69_discovery.py::test_construct_1 PASSED [ 88%]
tests/test_69_discovery.py::test_construct_deconstruct_request PASSED [ 89%]
tests/test_69_discovery.py::test_construct_deconstruct_response PASSED [ 89%]
tests/test_70_redirect_signing.py::test PASSED [ 89%]
tests/test_71_authn_request.py::test_authn_request_with_acs_by_index PASSED [
89%]
tests/test_72_eptid.py::test_eptid PASSED [ 89%]
tests/test_72_eptid.py::test_eptid_shelve PASSED [ 89%]
tests/test_75_mongodb.py::test_flow PASSED [ 89%]
tests/test_75_mongodb.py::test_eptid_mongo_db PASSED [ 89%]
tests/test_76_metadata_in_mdb.py::test_metadata PASSED [ 90%]
tests/test_77_authn_context.py::test_passwd PASSED [ 90%]
tests/test_77_authn_context.py::test_factory PASSED [ 90%]
tests/test_77_authn_context.py::test_authn_decl_in_authn_context PASSED [ 90%]
tests/test_77_authn_context.py::test_authn_1 PASSED [ 90%]
tests/test_77_authn_context.py::test_authn_2 PASSED [ 90%]
tests/test_77_authn_context.py::test_authn_3 PASSED [ 90%]
tests/test_81_certificates.py::TestGenerateCertificates::test_validate_cert_chains
FAILED [ 91%]
tests/test_81_certificates.py::TestGenerateCertificates::test_validate_expire
PASSED [ 91%]
tests/test_81_certificates.py::TestGenerateCertificates::test_validate_passphrase
PASSED [ 91%]
tests/test_81_certificates.py::TestGenerateCertificates::test_validate_with_root_cert
FAILED [ 91%]
tests/test_88_nsprefix.py::test_nsprefix PASSED [ 91%]
tests/test_88_nsprefix.py::test_nsprefix2 PASSED [ 91%]
tests/test_89_http_post_relay_state.py::test_relay_state PASSED [ 91%]
tests/test_92_aes.py::TestAES::test_aes_defaults PASSED [ 91%]
tests/test_92_aes.py::TestAES::test_aes_128_cbc PASSED [ 92%]
tests/test_92_aes.py::TestAES::test_aes_128_cfb PASSED [ 92%]
tests/test_92_aes.py::TestAES::test_aes_192_cbc PASSED [ 92%]
tests/test_92_aes.py::TestAES::test_aes_192_cfb PASSED [ 92%]
tests/test_92_aes.py::TestAES::test_aes_256_cbc PASSED [ 92%]
tests/test_92_aes.py::TestAES::test_aes_256_cfb PASSED [ 92%]
tests/test_93_hok.py::TestHolderOfKeyResponse::test_valid_hok_response_is_parsed
PASSED [ 92%]
tests/test_93_hok.py::TestHolderOfKeyResponse::test_invalid_hok_response_fails_verification
PASSED [ 92%]
tests/test_94_read_cert.py::test_read_single_cert PASSED [ 93%]
tests/test_94_read_cert.py::test_read_cert_chain PASSED [ 93%]
tests/test_94_read_cert.py::test_read_cert_chain_with_linebreaks PASSED [ 93%]
tests/test_schema_validator.py::test_invalid_saml_metadata_doc[invalid_metadata_file.xml]
PASSED [ 93%]
tests/test_schema_validator.py::test_invalid_saml_metadata_doc[empty_metadata_file.xml]
PASSED [ 93%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[InCommon-metadata.xml]
PASSED [ 93%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp.xml] PASSED [
93%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_2.xml] PASSED
[ 93%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_aa.xml] PASSED
[ 94%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_all.xml]
PASSED [ 94%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_example.xml]
PASSED [ 94%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_soap.xml]
PASSED [ 94%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_cat_re.xml]
PASSED [ 94%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_cat_re_nren.xml]
PASSED [ 94%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_cat_rs.xml]
PASSED [ 94%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_cat_sfs_hei.xml]
PASSED [ 94%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_esi_and_coco_sp.xml]
PASSED [ 95%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[entity_no_friendly_name_sp.xml]
PASSED [ 95%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[extended.xml]
PASSED [ 95%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_slo_redirect.xml]
PASSED [ 95%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[idp_uiinfo.xml]
PASSED [ 95%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata.aaitest.xml]
PASSED [ 95%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata.xml]
PASSED [ 95%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata_cert.xml]
PASSED [ 96%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata_example.xml]
PASSED [ 96%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata_sp_1.xml]
PASSED [ 96%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata_sp_1_no_encryption.xml]
PASSED [ 96%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[metadata_sp_2.xml]
PASSED [ 96%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[metasp.xml] PASSED
[ 96%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[pdp_meta.xml]
PASSED [ 96%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[servera.xml]
PASSED [ 96%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[sp.xml] PASSED [
97%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[sp_slo_redirect.xml]
PASSED [ 97%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[urn-mace-swami.se-swamid-test-1.0-metadata.xml]
PASSED [ 97%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[uu.xml] PASSED [
97%]
tests/test_schema_validator.py::test_valid_saml_metadata_doc[vo_metadata.xml]
PASSED [ 97%]
tests/test_schema_validator.py::test_valid_saml_response_doc[attribute_response.xml]
PASSED [ 97%]
tests/test_schema_validator.py::test_valid_saml_response_doc[okta_response.xml]
PASSED [ 97%]
tests/test_schema_validator.py::test_valid_saml_response_doc[simplesamlphp_authnresponse.xml]
PASSED [ 97%]
tests/test_schema_validator.py::test_valid_saml_response_doc[saml2_response.xml]
PASSED [ 98%]
tests/test_schema_validator.py::test_valid_saml_response_doc[saml_false_signed.xml]
PASSED [ 98%]
tests/test_schema_validator.py::test_valid_saml_response_doc[saml_hok.xml]
PASSED [ 98%]
tests/test_schema_validator.py::test_valid_saml_response_doc[saml_hok_invalid.xml]
PASSED [ 98%]
tests/test_schema_validator.py::test_valid_saml_response_doc[saml_signed.xml]
PASSED [ 98%]
tests/test_schema_validator.py::test_valid_saml_response_doc[saml_unsigned.xml]
PASSED [ 98%]
tests/test_schema_validator.py::test_valid_saml_partial_doc[encrypted_attribute_statement.xml]
PASSED [ 98%]
tests/test_schema_validator.py::test_valid_eidas_saml_response_doc[eidas_response.xml]
PASSED [ 98%]
tests/test_xmlsec1_key_data.py::TestAuthnResponse::test_signed_response_with_hmac_should_fail
PASSED [ 99%]
tests/test_xmlsec1_key_data.py::TestAuthnResponse::test_signed_assertion_with_hmac_should_fail
PASSED [ 99%]
tests/test_xmlsec1_key_data.py::TestAuthnResponse::test_signed_assertion_with_random_embedded_cert_should_be_ignored
PASSED [ 99%]
tests/test_xsw.py::TestXSW::test_signed_xsw_assertion_wrapper_should_fail
PASSED [ 99%]
tests/test_xsw.py::TestXSW::test_signed_xsw_assertion_extensions_should_fail
PASSED [ 99%]
tests/test_xsw.py::TestXSW::test_signed_xsw_assertion_assertion_should_fail
PASSED [ 99%]
tests/test_xsw.py::TestInvalidDepthFirstSig::test_signed_assertion_first_sig_should_fail
PASSED [ 99%]
tests/test_xsw.py::TestInvalidDepthFirstSig::test_signed_response_first_sig_should_fail
PASSED [100%]
=================================== FAILURES ===================================
____________________ TestServer1.test_encrypted_response_6 _____________________
self = <test_50_server.TestServer1 object at 0x7fac3add5d30>
def test_encrypted_response_6(self):
_server = Server("idp_conf_verify_cert")
cert_str_advice, cert_key_str_advice = generate_cert()
cert_str_assertion, cert_key_str_assertion = generate_cert()
> _resp = _server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/";, # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=False,
sign_assertion=False,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
pefim=True,
encrypt_cert_advice=cert_str_advice,
encrypt_cert_assertion=cert_str_assertion,
)
tests/test_50_server.py:911:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
saml2/server.py:833: in create_authn_response
args = self.gather_authn_response_args(
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <saml2.server.Server object at 0x7fac384175f0>
sp_entity_id = 'urn:mace:example.com:saml:roland:sp', name_id_policy = None
userid = None
kwargs = {'encrypt_assertion': True, 'encrypt_assertion_self_contained': True,
'encrypt_cert_advice': '-----BEGIN
CERTIFICATE-----\nMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMjE0MTczNDE1WhcNMzQxMjEyMTczNDE1WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAoE31siosYpVA9p6/VPVN5LXNaNU7O97rLmca3YMurkZVb4sQqZ1AeDJn\nU5F7lS5PXZ7yyOe+3A0QcXQKGS1vS3ux/kvdV5U5IFFYgjnfsvCHfvSt/Clcsv6y\nbUO3Sr178sAapsvjnhHtOmJfWYrvTOKtSYtMuw/BH0Z2XQEc3kzlGUtFDrYOyHJ4\n9B0In5GjayQ7csOnEXqoDe+Caegb/ee8eK5op6TG0FpGGUEQT4zS2CYailU7yrol\nt3UL0dq4VE0XiCCNEc83KLoHyzmS/FVyXKXAX/TrN57S+0U2fu5qh3IItICw5X5W\nzoHnjKWOvWWawLLLClS2AldO+1P65wIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAFYw\n0THZGgeWGhLG+bjDlsnwb6eP1w1O4LoD0tgzudph9r4hD/vXGIA1rKQEZyD7DG/J\nF82hktOV
Wq9Ivf7tn9enQSmopRoQ23hafLnBce0RDkRaXjvBPgYeprQAO1onUfRD\nCD4eVGuCya4yYy2oG/sVPB3nMXmgCE6Zq1NVik7U\n-----END
CERTIFICATE-----\n', 'encrypt_cert_assertion': '-----BEGIN
CERTIFICATE-----\nMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMjE0MTczNDE1WhcNMzQxMjEyMTczNDE1WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAr4qAYnKoePWcVxgNXeqHG+QEBMAjIkBMf9myaSxFiy1odkEuOSem7ntv\nX7GZEJU9XRPQxxvcQtY0vdvmflawMX3lgH6FHd4pM7/xb8wNGBEgCVBSU4JhBwP4\n/O9OaNLlU3uQ9dZSt9LEUDt08EWySxD2uto20tfDLtD6JD7gV0wKaG3Nm4IN6ig6\nNmXyt6GejUcmHCO0VJ7LgDejnY9pKQ+/w+AEddfdKAjiUM4gg1n8klpE75u5yOXC\nat17tsVYAx0wj6EbB4X9FdHHJirvWYQqIQK/KLNMlUr73ocvY6wUNqgfVP6NMC+y\nfvTCOT+k+FlxakmcZhco5WXqfBJtYwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAGDe\nihJZXSeohzqPh9UrhoC
9+msKW7rcnUcKKHfPCftW7RMZqvqvqLspYakMzxfkK8zt\ngxzNj0V+/kq8NU7w4ZK3cExoLZaZhLbg1A6xf65e2kQI2zue95mMWxPWeM5vlwEV\nrxWOmiSbPJ+RLZbkxxUSVNsLlxty7T7dbjBfhNyG\n-----END
CERTIFICATE-----\n', ...}
args = {'best_effort': False, 'encrypt_assertion': True,
'encrypt_assertion_self_contained': True, 'encrypt_cert_advice': '-----BEGIN
CERTIFICATE-----\nMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMjE0MTczNDE1WhcNMzQxMjEyMTczNDE1WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAoE31siosYpVA9p6/VPVN5LXNaNU7O97rLmca3YMurkZVb4sQqZ1AeDJn\nU5F7lS5PXZ7yyOe+3A0QcXQKGS1vS3ux/kvdV5U5IFFYgjnfsvCHfvSt/Clcsv6y\nbUO3Sr178sAapsvjnhHtOmJfWYrvTOKtSYtMuw/BH0Z2XQEc3kzlGUtFDrYOyHJ4\n9B0In5GjayQ7csOnEXqoDe+Caegb/ee8eK5op6TG0FpGGUEQT4zS2CYailU7yrol\nt3UL0dq4VE0XiCCNEc83KLoHyzmS/FVyXKXAX/TrN57S+0U2fu5qh3IItICw5X5W\nzoHnjKWOvWWawLLLClS2AldO+1P65wIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAFYw\n0THZGgeWGhLG+bjDlsnwb6eP1w1O4LoD0tgzudph9r4hD/vXGIA1rK
QEZyD7DG/J\nF82hktOVWq9Ivf7tn9enQSmopRoQ23hafLnBce0RDkRaXjvBPgYeprQAO1onUfRD\nCD4eVGuCya4yYy2oG/sVPB3nMXmgCE6Zq1NVik7U\n-----END
CERTIFICATE-----\n', ...}
param_defaults = {'best_effort': False, 'encrypt_assertion': False,
'encrypt_assertion_self_contained': True, 'encrypt_cert_advice': None, ...}
param = 'encrypt_cert_assertion', val_default = None
val_kw = '-----BEGIN
CERTIFICATE-----\nMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMjE0MTczNDE1WhcNMzQxMjEyMTczNDE1WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAr4qAYnKoePWcVxgNXeqHG+QEBMAjIkBMf9myaSxFiy1odkEuOSem7ntv\nX7GZEJU9XRPQxxvcQtY0vdvmflawMX3lgH6FHd4pM7/xb8wNGBEgCVBSU4JhBwP4\n/O9OaNLlU3uQ9dZSt9LEUDt08EWySxD2uto20tfDLtD6JD7gV0wKaG3Nm4IN6ig6\nNmXyt6GejUcmHCO0VJ7LgDejnY9pKQ+/w+AEddfdKAjiUM4gg1n8klpE75u5yOXC\nat17tsVYAx0wj6EbB4X9FdHHJirvWYQqIQK/KLNMlUr73ocvY6wUNqgfVP6NMC+y\nfvTCOT+k+FlxakmcZhco5WXqfBJtYwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAGDe\nihJZXSeohzqPh9UrhoC9+msKW7rcnUcKKHfPCftW7RMZqvqvqLspYakMzxfkK8zt\ngxzNj0V+/kq8NU7w4ZK3cExoLZaZhLbg1A6xf65e2kQI2zue95mMWxPWeM5vlwEV\nrxWOmiSbPJ+RLZbkxxUSVNsLlxty7T7dbjB
fhNyG\n-----END CERTIFICATE-----\n'
val_config = None, arg = 'encrypted_advice_attributes'
def gather_authn_response_args(self, sp_entity_id, name_id_policy, userid,
**kwargs):
kwargs["policy"] = kwargs.get("release_policy")
# collect args and return them
args = {}
# XXX will be passed to _authn_response
param_defaults = {
"policy": None,
"best_effort": False,
"sign_assertion": False,
"sign_response": False,
"encrypt_assertion": False,
"encrypt_assertion_self_contained": True,
"encrypted_advice_attributes": False,
"encrypt_cert_advice": None,
"encrypt_cert_assertion": None,
# need to be named sign_alg and digest_alg
}
for param, val_default in param_defaults.items():
val_kw = kwargs.get(param)
val_config = self.config.getattr(param, "idp")
args[param] = val_kw if val_kw is not None else val_config if
val_config is not None else val_default
for arg, attr, eca, pefim in [
("encrypted_advice_attributes", "verify_encrypt_cert_advice",
"encrypt_cert_advice", kwargs["pefim"]),
("encrypt_assertion", "verify_encrypt_cert_assertion",
"encrypt_cert_assertion", False),
]:
if args[arg] or pefim:
_enc_cert = self.config.getattr(attr, "idp")
if _enc_cert is not None:
if kwargs[eca] is None:
raise CertificateError(
"No SPCertEncType certificate for encryption "
"contained in authentication " "request."
)
if not _enc_cert(kwargs[eca]):
> raise CertificateError("Invalid certificate for
> encryption!")
E saml2.cert.CertificateError: Invalid certificate for
encryption!
saml2/server.py:737: CertificateError
_______________ TestServer1NonAsciiAva.test_encrypted_response_6 _______________
self = <test_50_server.TestServer1NonAsciiAva object at 0x7fac3adfb7a0>
def test_encrypted_response_6(self):
_server = Server("idp_conf_verify_cert")
cert_str_advice, cert_key_str_advice = generate_cert()
cert_str_assertion, cert_key_str_assertion = generate_cert()
> _resp = _server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/";, # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=False,
sign_assertion=False,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
pefim=True,
encrypt_cert_advice=cert_str_advice,
encrypt_cert_assertion=cert_str_assertion,
)
tests/test_50_server.py:1987:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
saml2/server.py:833: in create_authn_response
args = self.gather_authn_response_args(
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <saml2.server.Server object at 0x7fac3972ef90>
sp_entity_id = 'urn:mace:example.com:saml:roland:sp', name_id_policy = None
userid = None
kwargs = {'encrypt_assertion': True, 'encrypt_assertion_self_contained': True,
'encrypt_cert_advice': '-----BEGIN
CERTIFICATE-----\nMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMjE0MTczNDE2WhcNMzQxMjEyMTczNDE2WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEA805X9u9SXDrgZE/AGv5q2D38pCta9sEfrU/pIG+Y4G/MZNEEiNiX0WQi\nBLtz4tjyyxxh5BS5GPcrHsmzNcVO13S/h6c0wGae2uY/m9hI1o0+pymA6Bjesifz\n22MfW5HjajB9m4GHY5s6PtG2Zk7Kq4e171kq52OPccLvyL7WN6FXDTw2NGJG9VB4\nwkiNbS4/Q3WOFUMEzb2GYkkEFzv3XtLSVjLDx3OvDOBPzPKEc71T6Rw0h4hadtap\nbOvPqJAvxbHg0Zy/Jbdlj1H04UYWplDPTzuKcCRy2H278IXXLmZueAAbMM/bcZMe\nxjnSp19nUXAH3ZUz2j8mttG6bt/PkQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAIOp\nZjI5Xl/gLcCdWbdV+DH6SSd7/O4DNtPLem3K7dpHpLUfL4kTL81917ieLr9dqeGY\nb1gTQUbD
bJHcOBwI6p2REo2hBOWS91PNKKHUne6F5YrIY3q7mlKdoboyE1Um6iFu\ntP60ITNVO4qG1O+IzF39/KGHTIo54SGx53A4VxWk\n-----END
CERTIFICATE-----\n', 'encrypt_cert_assertion': '-----BEGIN
CERTIFICATE-----\nMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMjE0MTczNDE2WhcNMzQxMjEyMTczNDE2WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAtBZxMrbkGyavtAvff1uRe29fcOsI0HdyETeR2Z91siOHOjBCtZcrXQlj\n5c2v3i8NUR9YyXM7rtpB4bvc+iEybNEmHWbvOS8/RiBigeiazhJwP6q8OcS3GzO0\np72YBpUa0rpuCwzbaV6uOiBG5b4p9NjbFp95B/xiEmjl+wj3GytZqWw29rMNI1Wt\nkOpCFHF+bbGbzR2ZEdMy1fa1lcRXyW5lHRtkJWqjNCiKKQvnjWJuvrEnPqN0i+VD\n+DBCEbkk1tRxLHtcyRk8yHheWN3llYmV7qiyfjFJBUVaRsecEKRrHxjfaj5MJK1A\nzHRKpVNTqM5fz9WFD51oHVwhDcMkkQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAIfV\nLwOvdlbMdISRud+pd37
KhUNgAqR0sRoWDeZm9pqNtzHoxx1EfPNwwTL8igRxy7fG\n7VZrKHlU0ht/SSpALHcFt9xRsRvtynxzMV7Tu6egLVhMigm7/13Jjn/JGpsG1lhC\n0VHhhEBEpf1WNKL2ZAMZfP80/G+FVhKjLCTtpKH2\n-----END
CERTIFICATE-----\n', ...}
args = {'best_effort': False, 'encrypt_assertion': True,
'encrypt_assertion_self_contained': True, 'encrypt_cert_advice': '-----BEGIN
CERTIFICATE-----\nMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMjE0MTczNDE2WhcNMzQxMjEyMTczNDE2WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEA805X9u9SXDrgZE/AGv5q2D38pCta9sEfrU/pIG+Y4G/MZNEEiNiX0WQi\nBLtz4tjyyxxh5BS5GPcrHsmzNcVO13S/h6c0wGae2uY/m9hI1o0+pymA6Bjesifz\n22MfW5HjajB9m4GHY5s6PtG2Zk7Kq4e171kq52OPccLvyL7WN6FXDTw2NGJG9VB4\nwkiNbS4/Q3WOFUMEzb2GYkkEFzv3XtLSVjLDx3OvDOBPzPKEc71T6Rw0h4hadtap\nbOvPqJAvxbHg0Zy/Jbdlj1H04UYWplDPTzuKcCRy2H278IXXLmZueAAbMM/bcZMe\nxjnSp19nUXAH3ZUz2j8mttG6bt/PkQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAIOp\nZjI5Xl/gLcCdWbdV+DH6SSd7/O4DNtPLem3K7dpHpLUfL4kTL81917
ieLr9dqeGY\nb1gTQUbDbJHcOBwI6p2REo2hBOWS91PNKKHUne6F5YrIY3q7mlKdoboyE1Um6iFu\ntP60ITNVO4qG1O+IzF39/KGHTIo54SGx53A4VxWk\n-----END
CERTIFICATE-----\n', ...}
param_defaults = {'best_effort': False, 'encrypt_assertion': False,
'encrypt_assertion_self_contained': True, 'encrypt_cert_advice': None, ...}
param = 'encrypt_cert_assertion', val_default = None
val_kw = '-----BEGIN
CERTIFICATE-----\nMIICujCCAiMCAQEwDQYJKoZIhvcNAQELBQAwbTELMAkGA1UEBhMCc2UxCzAJBgNV\nBAgMAmFjMQ0wCwYDVQQHDAR1bWVhMRwwGgYDVQQKDBNJVFMgVW1lYSBVbml2ZXJz\naXR5MQ0wCwYDVQQLDARESVJHMRUwEwYDVQQDDAxsb2NhbGhvc3QuY2EwHhcNMjQx\nMjE0MTczNDE2WhcNMzQxMjEyMTczNDE2WjBaMQswCQYDVQQGEwJzZTELMAkGA1UE\nCAwCYWMxDTALBgNVBAcMBFVtZWExDDAKBgNVBAoMA0lUUzENMAsGA1UECwwERElS\nRzESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\nCgKCAQEAtBZxMrbkGyavtAvff1uRe29fcOsI0HdyETeR2Z91siOHOjBCtZcrXQlj\n5c2v3i8NUR9YyXM7rtpB4bvc+iEybNEmHWbvOS8/RiBigeiazhJwP6q8OcS3GzO0\np72YBpUa0rpuCwzbaV6uOiBG5b4p9NjbFp95B/xiEmjl+wj3GytZqWw29rMNI1Wt\nkOpCFHF+bbGbzR2ZEdMy1fa1lcRXyW5lHRtkJWqjNCiKKQvnjWJuvrEnPqN0i+VD\n+DBCEbkk1tRxLHtcyRk8yHheWN3llYmV7qiyfjFJBUVaRsecEKRrHxjfaj5MJK1A\nzHRKpVNTqM5fz9WFD51oHVwhDcMkkQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAIfV\nLwOvdlbMdISRud+pd37KhUNgAqR0sRoWDeZm9pqNtzHoxx1EfPNwwTL8igRxy7fG\n7VZrKHlU0ht/SSpALHcFt9xRsRvtynxzMV7Tu6egLVhMigm7/13Jjn/JGpsG1lhC\n0VHhhEBEpf1WNKL2ZAMZfP80/G+FVhKjLCT
tpKH2\n-----END CERTIFICATE-----\n'
val_config = None, arg = 'encrypted_advice_attributes'
def gather_authn_response_args(self, sp_entity_id, name_id_policy, userid,
**kwargs):
kwargs["policy"] = kwargs.get("release_policy")
# collect args and return them
args = {}
# XXX will be passed to _authn_response
param_defaults = {
"policy": None,
"best_effort": False,
"sign_assertion": False,
"sign_response": False,
"encrypt_assertion": False,
"encrypt_assertion_self_contained": True,
"encrypted_advice_attributes": False,
"encrypt_cert_advice": None,
"encrypt_cert_assertion": None,
# need to be named sign_alg and digest_alg
}
for param, val_default in param_defaults.items():
val_kw = kwargs.get(param)
val_config = self.config.getattr(param, "idp")
args[param] = val_kw if val_kw is not None else val_config if
val_config is not None else val_default
for arg, attr, eca, pefim in [
("encrypted_advice_attributes", "verify_encrypt_cert_advice",
"encrypt_cert_advice", kwargs["pefim"]),
("encrypt_assertion", "verify_encrypt_cert_assertion",
"encrypt_cert_assertion", False),
]:
if args[arg] or pefim:
_enc_cert = self.config.getattr(attr, "idp")
if _enc_cert is not None:
if kwargs[eca] is None:
raise CertificateError(
"No SPCertEncType certificate for encryption "
"contained in authentication " "request."
)
if not _enc_cert(kwargs[eca]):
> raise CertificateError("Invalid certificate for
> encryption!")
E saml2.cert.CertificateError: Invalid certificate for
encryption!
saml2/server.py:737: CertificateError
______________ TestGenerateCertificates.test_validate_cert_chains ______________
self = <test_81_certificates.TestGenerateCertificates
testMethod=test_validate_cert_chains>
def test_validate_cert_chains(self):
cert_info_ca = {
"cn": "qwerty",
"country_code": "qw",
"state": "qwerty",
"city": "qwerty",
"organization": "qwerty",
"organization_unit": "qwerty",
}
cert_intermediate_1_info = {
"cn": "intermediate_1",
"country_code": "as",
"state": "asdfgh",
"city": "asdfgh",
"organization": "asdfgh",
"organization_unit": "asdfg",
}
cert_intermediate_2_info = {
"cn": "intermediate_2",
"country_code": "as",
"state": "asdfgh",
"city": "asdfgh",
"organization": "asdfgh",
"organization_unit": "asdfg",
}
cert_client_cert_info = {
"cn": "intermediate_1",
"country_code": "as",
"state": "asdfgh",
"city": "asdfgh",
"organization": "asdfgh",
"organization_unit": "asdfg",
}
osw = OpenSSLWrapper()
ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca,
request=False)
req_cert_str, intermediate_1_key_str =
osw.create_certificate(cert_intermediate_1_info, request=True)
intermediate_cert_1_str =
osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, req_cert_str)
req_cert_str, intermediate_2_key_str =
osw.create_certificate(cert_intermediate_2_info, request=True)
intermediate_cert_2_str = osw.create_cert_signed_certificate(
intermediate_cert_1_str, intermediate_1_key_str, req_cert_str
)
req_cert_str, client_key_str =
osw.create_certificate(cert_client_cert_info, request=True)
client_cert_str = osw.create_cert_signed_certificate(
intermediate_cert_2_str, intermediate_2_key_str, req_cert_str
)
cert_chain = [intermediate_cert_2_str, intermediate_cert_1_str,
ca_cert_str]
valid, mess = osw.verify_chain(cert_chain, client_cert_str)
> self.assertTrue(valid)
E AssertionError: False is not true
tests/test_81_certificates.py:131: AssertionError
____________ TestGenerateCertificates.test_validate_with_root_cert _____________
self = <test_81_certificates.TestGenerateCertificates
testMethod=test_validate_with_root_cert>
def test_validate_with_root_cert(self):
cert_info_ca = {
"cn": "qwerty",
"country_code": "qw",
"state": "qwerty",
"city": "qwerty",
"organization": "qwerty",
"organization_unit": "qwerty",
}
cert_info = {
"cn": "asdfgh",
"country_code": "as",
"state": "asdfgh",
"city": "asdfgh",
"organization": "asdfgh",
"organization_unit": "asdfg",
}
osw = OpenSSLWrapper()
ca_cert, ca_key = osw.create_certificate(
cert_info_ca,
request=False,
write_to_file=True,
cert_dir=f"{os.path.dirname(os.path.abspath(__file__))}/pki",
)
req_cert_str, req_key_str = osw.create_certificate(cert_info,
request=True)
ca_cert_str = osw.read_str_from_file(ca_cert)
ca_key_str = osw.read_str_from_file(ca_key)
cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str,
req_cert_str)
valid, mess = osw.verify(ca_cert_str, cert_str)
> self.assertTrue(valid)
E AssertionError: False is not true
tests/test_81_certificates.py:50: AssertionError
=========================== short test summary info ============================
SKIPPED [1] tests/test_37_entity_categories.py:296: Temporarily disabled
SKIPPED [1] tests/test_37_entity_categories.py:325: Temporarily disabled
SKIPPED [1] tests/test_37_entity_categories.py:358: Temporarily disabled
FAILED tests/test_50_server.py::TestServer1::test_encrypted_response_6 -
saml2.cert.CertificateError: Invalid certificate for encryption!
FAILED
tests/test_50_server.py::TestServer1NonAsciiAva::test_encrypted_response_6 -
saml2.cert.CertificateError: Invalid certificate for encryption!
FAILED
tests/test_81_certificates.py::TestGenerateCertificates::test_validate_cert_chains
- AssertionError: False is not true
FAILED
tests/test_81_certificates.py::TestGenerateCertificates::test_validate_with_root_cert
- AssertionError: False is not true
====== 4 failed, 772 passed, 3 skipped, 2 deselected in 154.85s (0:02:34) ======
E: pybuild pybuild:389: test: plugin pyproject failed with: exit code=1: cd
/<<PKGBUILDDIR>>/.pybuild/cpython3_3.12_pysaml2/build; python3.12 -m pytest
tests -v -Wignore -k "not test_signed_metadata_proper_str_bytes_handling and
not test_enc1"
dh_auto_test: error: pybuild --test --test-pytest -i python{version} -p "3.13
3.12" returned exit code 13
make: *** [debian/rules:16: build] Error 25
dpkg-buildpackage: error: debian/rules build subprocess returned exit status 2
--------------------------------------------------------------------------------
The above is just how the build ends and not necessarily the most relevant part.
If required, the full build log is available here:
https://people.debian.org/~sanvila/build-logs/202412/
About the archive rebuild: The build was made on virtual machines from AWS,
using sbuild and a reduced chroot with only build-essential packages.
If you could not reproduce the bug please contact me privately, as I
am willing to provide ssh access to a virtual machine where the bug is
fully reproducible.
If this is really a bug in one of the build-depends, please use
reassign and affects, so that this is still visible in the BTS web
page for this package.
Thanks.
