diff --git a/signxml/xades/xades.py b/signxml/xades/xades.py index 030abc0..5632b2e 100644 --- a/signxml/xades/xades.py +++ b/signxml/xades/xades.py @@ -272,7 +272,7 @@ class XAdESVerifier(XAdESProcessor, XMLVerifier): def _verify_signing_time(self, verify_result: VerifyResult): pass - def _verify_cert_digest(self, signing_cert_node, expect_cert,idx): + def _verify_cert_digest(self, signing_cert_node, expect_cert, idx): cert = self._find(signing_cert_node, "xades:Cert[{0}]".format(idx)) cert_digest = self._find(cert, "xades:CertDigest") digest_alg = DigestAlgorithm(self._find(cert_digest, "DigestMethod").get("Algorithm")) @@ -285,21 +285,23 @@ def _verify_cert_digest(self, signing_cert_node, expect_cert,idx): def _verify_cert_digests(self, verify_result: VerifyResult): x509_data = verify_result.signature_xml.find("ds:KeyInfo/ds:X509Data", namespaces=namespaces) - for idx,x_cert in enumerate(self._findall(x509_data, "X509Certificate")): - cert_from_key_info = load_certificate( - FILETYPE_PEM, add_pem_header(x_cert.text) - ) + for idx, x_cert in enumerate(self._findall(x509_data, "X509Certificate")): + cert_from_key_info = load_certificate(FILETYPE_PEM, add_pem_header(x_cert.text)) signed_signature_props = self._find(verify_result.signed_xml, "xades:SignedSignatureProperties") signing_cert = self._find(signed_signature_props, "xades:SigningCertificate", require=False) signing_cert_v2 = self._find(signed_signature_props, "xades:SigningCertificateV2", require=False) if signing_cert is None and signing_cert_v2 is None: - raise InvalidInput("Expected to find XML element xades:SigningCertificate or xades:SigningCertificateV2") + raise InvalidInput( + "Expected to find XML element xades:SigningCertificate or xades:SigningCertificateV2" + ) if signing_cert is not None and signing_cert_v2 is not None: - raise InvalidInput("Expected to find exactly one of xades:SigningCertificate or xades:SigningCertificateV2") + raise InvalidInput( + "Expected to find exactly one of xades:SigningCertificate or xades:SigningCertificateV2" + ) if signing_cert is not None: - self._verify_cert_digest(signing_cert, expect_cert=cert_from_key_info,idx=idx+1) + self._verify_cert_digest(signing_cert, expect_cert=cert_from_key_info, idx=(idx+1)) elif signing_cert_v2 is not None: - self._verify_cert_digest(signing_cert_v2, expect_cert=cert_from_key_info,idx=idx+1) + self._verify_cert_digest(signing_cert_v2, expect_cert=cert_from_key_info, idx=(idx+1)) def _verify_signature_policy(self, verify_result: VerifyResult, expect_signature_policy: XAdESSignaturePolicy): signed_signature_props = self._find(verify_result.signed_xml, "xades:SignedSignatureProperties")