- self.set_refid(sig.getAttribute("xml:id").strip("Sig_"))
- keyinfo = sig.getElementsByTagName("X509Data")[0]
- szgid = getTextNode(keyinfo, "X509Certificate")
- szgid = "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----" % szgid
- self.set_issuer_gid(GID(string=szgid))
-
+ # This code until the end of function rewritten by Aaron Helsinger
+ ref_id = remove_prefix(sig.getAttribute("xml:id").strip(), "Sig_")
+ # The xml:id tag is optional, and could be in a
+ # Reference xml:id or Reference UID sub element instead
+ if not ref_id or ref_id == '':
+ reference = sig.getElementsByTagName('Reference')[0]
+ ref_id = remove_prefix(
+ reference.getAttribute('xml:id').strip(), "Sig_")
+ if not ref_id or ref_id == '':
+ ref_id = remove_prefix(
+ reference.getAttribute('URI').strip(), "#")
+ self.set_refid(ref_id)
+ keyinfos = sig.getElementsByTagName("X509Data")
+ gids = None
+ for keyinfo in keyinfos:
+ certs = keyinfo.getElementsByTagName("X509Certificate")
+ for cert in certs:
+ if len(cert.childNodes) > 0:
+ szgid = cert.childNodes[0].nodeValue
+ szgid = szgid.strip()
+ szgid = "-----BEGIN CERTIFICATE-----\n"\
+ "{}\n-----END CERTIFICATE-----".format(
+ szgid)
+ if gids is None:
+ gids = szgid
+ else:
+ gids += "\n" + szgid
+ if gids is None:
+ raise CredentialNotVerifiable(
+ "Malformed XML: No certificate found in signature")
+ self.set_issuer_gid(GID(string=gids))
+