Added option to exclude c14n tranformation from Transform XML node

vo-va · vo-va · commit 0e26307b0fd8 · 2018-02-02T22:31:51.000+06:00
Some software can uses hard restrictions on Transform XML node, that prohibit include c14n transformation into Transform XML node.
diff --git a/signxml/__init__.py b/signxml/__init__.py
@@ -265,9 +265,13 @@ class XMLSigner(XMLSignatureProcessor):
         listed under the `Algorithm Identifiers and Implementation Requirements
         <http://www.w3.org/TR/xmldsig-core1/#sec-AlgID>`_ section of the XML Signature 1.1 standard are supported.
     :type digest_algorithm: string
+    :param include_c14n_transform: If this parameter equal ``True`` c14n transformation will be included in ``Transform`` XML node.
+        This parameter is needed, because some software can uses hard restrictions on Transform XML node, that prohibit 
+        include c14n transformation into Transform XML node.
+    :type include_c14n_transform: string
     """
     def __init__(self, method=methods.enveloped, signature_algorithm="rsa-sha256", digest_algorithm="sha256",
-                 c14n_algorithm=XMLSignatureProcessor.default_c14n_algorithm):
+                 c14n_algorithm=XMLSignatureProcessor.default_c14n_algorithm, include_c14n_transform=True):
         if method not in methods:
             raise InvalidInput("Unknown signature method {}".format(method))
         self.method = method
@@ -277,6 +281,7 @@ def __init__(self, method=methods.enveloped, signature_algorithm="rsa-sha256", d
         self.digest_alg = digest_algorithm
         assert c14n_algorithm in self.known_c14n_algorithms
         self.c14n_alg = c14n_algorithm
+        self.include_c14n_transform = include_c14n_transform
         self.namespaces = dict(ds=namespaces.ds)
         self._parser = None
 
@@ -481,7 +486,8 @@ def _build_sig(self, sig_root, reference_uris, c14n_inputs):
             if self.method == methods.enveloped:
                 transforms = SubElement(reference, ds_tag("Transforms"))
                 SubElement(transforms, ds_tag("Transform"), Algorithm=namespaces.ds + "enveloped-signature")
-                SubElement(transforms, ds_tag("Transform"), Algorithm=self.c14n_alg)
+                if self.include_c14n_transform is True:
+                    SubElement(transforms, ds_tag("Transform"), Algorithm=self.c14n_alg)
             digest_method = SubElement(reference, ds_tag("DigestMethod"),
                                        Algorithm=self.known_digest_tags[self.digest_alg])
             digest_value = SubElement(reference, ds_tag("DigestValue"))
