Pylint and autumn cleaning

src/saml2/__init__.py

@@ -38,9 +38,9 @@ except ImportError:
     except ImportError:
         from elementtree import ElementTree
 
-SAML_NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'
+NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'
-SAML_TEMPLATE = '{urn:oasis:names:tc:SAML:2.0:assertion}%s'
+#TEMPLATE = '{urn:oasis:names:tc:SAML:2.0:assertion}%s'
-XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
+#XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
 
 NAMEID_FORMAT_EMAILADDRESS = (
     "urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress")
@@ -438,3 +438,14 @@ class SamlBase(ExtensionContainer):
             self.__dict__[extension_attribute_name] = value
                     
 
+def extension_element_to_element(extension_element, element_to_string,
+                                    namespace=None):
+    if extension_element.namespace == namespace:
+        try:
+            ets = element_to_string[extension_element.tag]
+            return ets(extension_element.to_string())
+        except KeyError:
+            pass
+            
+    return None
+        

src/saml2/client.py

@@ -9,12 +9,8 @@ except ImportError:
     from md5 import md5
 import zlib
 
-from subprocess import Popen, PIPE
+from saml2 import samlp, saml
-
-from saml2 import samlp, saml, metadata
 from saml2.sigver import correctly_signed_response
-from saml2.metadata import cert_from_assertion
-#from saml2.metadata import load_certs_to_manager
 
 DEFAULT_BINDING = saml2.BINDING_HTTP_REDIRECT
 
@@ -323,7 +319,7 @@ class Saml2Client:
     def init_request(self, request, destination):
         request.id = _sid()
         request.version = "2.0"
-        request.issue_instant = date_and_time()
+        request.issue_instant = get_date_and_time()
         request.destination = destination
         return request
         
@@ -342,11 +338,11 @@ class Saml2Client:
         :return: An AttributeQuery instance
         """
         
-        attr_query = self.init_request(samlp.AttributeQuery())
+        attr_query = self.init_request(samlp.AttributeQuery(), destination)
         
-        subject = samlp.Subject()
+        subject = saml.Subject()
-        name_id = samlp.NameID()
+        name_id = saml.NameID()
-        name_id.format = NAMEID_FORMAT_PERSISTENT
+        name_id.format = saml.NAMEID_FORMAT_PERSISTENT
         if name_qualifier:
             name_id.name_qualifier = name_qualifier
         if sp_name_qualifier:
@@ -357,7 +353,7 @@ class Saml2Client:
         attr_query.subject = subject
         if attribute:
             attrs = []
-            for attr,values in attribute.items():
+            for attr, values in attribute.items():
                 sattr = saml.Attribute()
                 sattr.name = attr
                 #sattr.name_format = NAME_FORMAT_UNSPECIFIED
@@ -400,7 +396,7 @@ class Saml2Client:
 
         logout_req = self.init_request(samlp.LogoutRequest())
         logout_req.session_index = _sid()
-        logout_req.base_id = samlp.BaseID(text=subject_id)
+        logout_req.base_id = saml.BaseID(text=subject_id)
         if reason:
             logout_req.reason = reason
         if not_on_or_after:

src/saml2/md.py

@@ -24,18 +24,20 @@
 
 from saml2 import saml, SamlBase, create_class_from_xml_string
 from saml2.saml import Attribute
+from saml2.saml import NAMESPACE as SAML_NAMESPACE
 import xmldsig as ds
+from xmldsig import NAMESPACE as DS_NAMESPACE
+from xmlenc import NAMESPACE as XMLENC_NAMESPACE
 
-MD_NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:metadata'
+NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:metadata'
-MD_TEMPLATE = '{urn:oasis:names:tc:SAML:2.0:metadata}%s'
+#MD_TEMPLATE = '{urn:oasis:names:tc:SAML:2.0:metadata}%s'
-XMLENC_NAMESPACE = 'http://www.w3.org/2001/04/xmlenc#'
 XML_TEMPLATE = '{http://www.w3.org/XML/1998/namespace}%s'
 
 class Extensions(SamlBase):
     """The md:Extensions element"""
 
     c_tag = 'Extensions'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -46,7 +48,7 @@ def extensions_from_string(xml_string):
 class LocalizedName(SamlBase):
     """The md:LocalizedName abstract type"""
     c_tag = 'LocalizedName'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes[XML_TEMPLATE % 'lang'] = 'lang'
@@ -71,7 +73,7 @@ def localized_name_from_string(xml_string):
 class LocalizedURI(SamlBase):
     """The md:LocalizedURI abstract type"""
     c_tag = 'LocalizedURI'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes[XML_TEMPLATE % 'lang'] = 'lang'
@@ -97,7 +99,7 @@ def localized_uri_from_string(xml_string):
 class OrganizationName(LocalizedName):
     """The md:OrganizationName element"""
     c_tag = 'OrganizationName'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = LocalizedName.c_children.copy()
     c_attributes = LocalizedName.c_attributes.copy()
 
@@ -123,7 +125,7 @@ def organization_name_from_string(xml_string):
 class OrganizationDisplayName(LocalizedName):
     """The md:OrganizationDisplayName element"""
     c_tag = 'OrganizationDisplayName'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = LocalizedName.c_children.copy()
     c_attributes = LocalizedName.c_attributes.copy()
 
@@ -149,7 +151,7 @@ def organization_display_name_from_string(xml_string):
 class OrganizationURL(LocalizedURI):
     """The md:OrganizationURL element"""
     c_tag = 'OrganizationURL'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = LocalizedURI.c_children.copy()
     c_attributes = LocalizedURI.c_attributes.copy()
 
@@ -176,15 +178,15 @@ class Organization(SamlBase):
     """The md:Organization base type"""
 
     c_tag = 'Organization'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
-    c_children['{%s}Extensions' % MD_NAMESPACE] = ('extensions', Extensions)
+    c_children['{%s}Extensions' % NAMESPACE] = ('extensions', Extensions)
-    c_children['{%s}OrganizationName' % MD_NAMESPACE] = (
+    c_children['{%s}OrganizationName' % NAMESPACE] = (
         'organization_name', [OrganizationName])
-    c_children['{%s}OrganizationDisplayName' % MD_NAMESPACE] = (
+    c_children['{%s}OrganizationDisplayName' % NAMESPACE] = (
         'organization_display_name', [OrganizationDisplayName])
-    c_children['{%s}OrganizationURL' % MD_NAMESPACE] = (
+    c_children['{%s}OrganizationURL' % NAMESPACE] = (
         'organization_url', [OrganizationURL])
     child_order = ['extensions', 'organization_name',
                     'organization_display_name', 'organization_url']
@@ -218,7 +220,7 @@ class Endpoint(SamlBase):
     """The md:Endpoint base type"""
 
     c_tag = 'Endpoint'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['Binding'] = 'binding'
@@ -251,7 +253,7 @@ class IndexedEndpoint(Endpoint):
     """The md:IndexedEndpoint base type"""
 
     c_tag = 'IndexedEndpoint'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = Endpoint.c_children.copy()
     c_attributes = Endpoint.c_attributes.copy()
     c_attributes['index'] = 'index'
@@ -286,7 +288,7 @@ class Company(SamlBase):
     """The md:Company element"""
 
     c_tag = 'Company'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -299,7 +301,7 @@ class GivenName(SamlBase):
     """The md:GivenName element"""
 
     c_tag = 'GivenName'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -312,7 +314,7 @@ class SurName(SamlBase):
     """The md:SurName element"""
 
     c_tag = 'SurName'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -325,7 +327,7 @@ class EmailAddress(SamlBase):
     """The md:EmailAddress element"""
 
     c_tag = 'EmailAddress'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -338,7 +340,7 @@ class TelephoneNumber(SamlBase):
     """The md:TelephoneNumber element"""
 
     c_tag = 'TelephoneNumber'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -351,17 +353,17 @@ class ContactPerson(SamlBase):
     """The md:ContactPerson element"""
 
     c_tag = 'ContactPerson'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['contactType'] = 'contact_type'
-    c_children['{%s}Extensions' % MD_NAMESPACE] = ('extensions', Extensions)
+    c_children['{%s}Extensions' % NAMESPACE] = ('extensions', Extensions)
-    c_children['{%s}Company' % MD_NAMESPACE] = ('company', Company)
+    c_children['{%s}Company' % NAMESPACE] = ('company', Company)
-    c_children['{%s}GivenName' % MD_NAMESPACE] = ('given_name', GivenName)
+    c_children['{%s}GivenName' % NAMESPACE] = ('given_name', GivenName)
-    c_children['{%s}SurName' % MD_NAMESPACE] = ('sur_name', SurName)
+    c_children['{%s}SurName' % NAMESPACE] = ('sur_name', SurName)
-    c_children['{%s}EmailAddress' % MD_NAMESPACE] = (
+    c_children['{%s}EmailAddress' % NAMESPACE] = (
         'email_address', [EmailAddress])
-    c_children['{%s}TelephoneNumber' % MD_NAMESPACE] = (
+    c_children['{%s}TelephoneNumber' % NAMESPACE] = (
         'telephone_number', [TelephoneNumber])
     c_child_order = ['extensions', 'company', 'given_name', 'sur_name',
                                     'email_address', 'telephone_number']
@@ -402,7 +404,7 @@ class AdditionalMetadataLocation(SamlBase):
     """The md:AdditionalMetadataLocation element"""
 
     c_tag = 'AdditionalMetadataLocation'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['namespace'] = 'namespace'
@@ -455,14 +457,14 @@ class EncryptionMethod(SamlBase):
     """The md:EncryptionMethod element"""
 
     c_tag = 'EncryptionMethod'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['Algorithm'] = 'algorithm'
     c_children['{%s}KeySize' % XMLENC_NAMESPACE] = ('key_size', KeySize)
     c_children['{%s}OAEPparams' % XMLENC_NAMESPACE] = (
                     'oaep_params', OAEPparams)
-    c_children['{%s}DigestMethod' % ds.DS_NAMESPACE] = (
+    c_children['{%s}DigestMethod' % DS_NAMESPACE] = (
                     'digest_method', ds.DigestMethod)
     c_child_order = ['key_size', 'oaep_params', 'digest_method']
 
@@ -495,12 +497,12 @@ class KeyDescriptor(SamlBase):
     """The md:KeyDescriptor element"""
 
     c_tag = 'KeyDescriptor'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['use'] = 'use'
-    c_children['{%s}KeyInfo' % ds.DS_NAMESPACE] = ('key_info', ds.KeyInfo)
+    c_children['{%s}KeyInfo' % DS_NAMESPACE] = ('key_info', ds.KeyInfo)
-    c_children['{%s}EncryptionMethod' % MD_NAMESPACE] = (
+    c_children['{%s}EncryptionMethod' % NAMESPACE] = (
         'encryption_method', [EncryptionMethod])
     c_child_order = ['key_info', 'encryption_method']
 
@@ -531,7 +533,7 @@ class RoleDescriptor(SamlBase):
     """The md:RoleDescriptor element"""
 
     c_tag = 'RoleDescriptor'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['ID'] = 'identifier'
@@ -539,13 +541,13 @@ class RoleDescriptor(SamlBase):
     c_attributes['cacheDuration'] = 'cache_duration'
     c_attributes['protocolSupportEnumeration'] = 'protocol_support_enumeration'
     c_attributes['errorURL'] = 'error_url'
-    c_children['{%s}Signature' % ds.DS_NAMESPACE] = ('signature', ds.Signature)
+    c_children['{%s}Signature' % DS_NAMESPACE] = ('signature', ds.Signature)
-    c_children['{%s}Extensions' % MD_NAMESPACE] = ('extensions', Extensions)
+    c_children['{%s}Extensions' % NAMESPACE] = ('extensions', Extensions)
-    c_children['{%s}KeyDescriptor' % MD_NAMESPACE] = (
+    c_children['{%s}KeyDescriptor' % NAMESPACE] = (
                         'key_descriptor', [KeyDescriptor])
-    c_children['{%s}Organization' % MD_NAMESPACE] = (
+    c_children['{%s}Organization' % NAMESPACE] = (
                         'organization', Organization)
-    c_children['{%s}ContactPerson' % MD_NAMESPACE] = (
+    c_children['{%s}ContactPerson' % NAMESPACE] = (
                         'contact_person', [ContactPerson])
     c_child_order = ['signature', 'extensions', 'key_descriptor', 
                         'organization', 'contact_person']
@@ -629,7 +631,7 @@ class NameIDFormat(SamlBase):
     """The md:NameIDFormat element"""
     
     c_tag = 'NameIDFormat'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -642,16 +644,16 @@ class SSODescriptor(RoleDescriptor):
     """The md:SSODescriptor element"""
 
     c_tag = 'SSODescriptor'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = RoleDescriptor.c_children.copy()
     c_attributes = RoleDescriptor.c_attributes.copy()
-    c_children['{%s}ArtifactResolutionService' % MD_NAMESPACE] = (
+    c_children['{%s}ArtifactResolutionService' % NAMESPACE] = (
         'artifact_resolution_service', [ArtifactResolutionService])
-    c_children['{%s}SingleLogoutService' % MD_NAMESPACE] = (
+    c_children['{%s}SingleLogoutService' % NAMESPACE] = (
         'single_logout_service', [SingleLogoutService])
-    c_children['{%s}ManageNameIDService' % MD_NAMESPACE] = (
+    c_children['{%s}ManageNameIDService' % NAMESPACE] = (
         'manage_name_id_service', [ManageNameIDService])
-    c_children['{%s}NameIDFormat' % MD_NAMESPACE] = (
+    c_children['{%s}NameIDFormat' % NAMESPACE] = (
         'name_id_format', [NameIDFormat])
 
     c_child_order = ['signature', 'extensions', 'key_descriptor', 
@@ -734,7 +736,7 @@ class AttributeProfile(SamlBase):
     """The md:AttributeProfile element"""
     
     c_tag = 'AttributeProfile'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -747,19 +749,19 @@ class IDPSSODescriptor(SSODescriptor):
     """The md:IDPSSODescriptor element"""
 
     c_tag = 'IDPSSODescriptor'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SSODescriptor.c_children.copy()
     c_attributes = SSODescriptor.c_attributes.copy()
     c_attributes['WantAuthnRequestsSigned'] = 'want_authn_requests_signed'
-    c_children['{%s}SingleSignOnService' % MD_NAMESPACE] = (
+    c_children['{%s}SingleSignOnService' % NAMESPACE] = (
         'single_sign_on_service', [SingleSignOnService])
-    c_children['{%s}NameIDMappingService' % MD_NAMESPACE] = (
+    c_children['{%s}NameIDMappingService' % NAMESPACE] = (
         'name_id_mapping_service', [NameIDMappingService])
-    c_children['{%s}AssertionIDRequestService' % MD_NAMESPACE] = (
+    c_children['{%s}AssertionIDRequestService' % NAMESPACE] = (
         'assertion_id_request_service', [AssertionIDRequestService])
-    c_children['{%s}AttributeProfile' % MD_NAMESPACE] = (
+    c_children['{%s}AttributeProfile' % NAMESPACE] = (
         'attribute_profile', [AttributeProfile])
-    c_children['{%s}Attribute' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}Attribute' % SAML_NAMESPACE] = (
         'attribute', [Attribute])
 
     c_child_order = ['signature', 'extensions', 'key_descriptor', 
@@ -831,7 +833,7 @@ def idpsso_descriptor_from_string(xml_string):
 class RequestedAttribute(Attribute):
 
     c_tag = 'RequestedAttribute'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = Attribute.c_children.copy()
     c_attributes = Attribute.c_attributes.copy()
     c_attributes['isRequired'] = 'is_required'
@@ -864,7 +866,7 @@ def requested_attribute_from_string(xml_string):
 class ServiceName(LocalizedName):
     """The md:ServiceName element"""
     c_tag = 'ServiceName'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = LocalizedName.c_children.copy()
     c_attributes = LocalizedName.c_attributes.copy()
 
@@ -889,7 +891,7 @@ def service_name_from_string(xml_string):
 class ServiceDescription(LocalizedName):
     """The md:ServiceDescription element"""
     c_tag = 'ServiceDescription'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = LocalizedName.c_children.copy()
     c_attributes = LocalizedName.c_attributes.copy()
 
@@ -915,16 +917,16 @@ class AttributeConsumingService(SamlBase):
     """The md:AttributeConsumingService element"""
     
     c_tag = 'AttributeConsumingService'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['index'] = 'index'
     c_attributes['isDefault'] = 'is_default'
-    c_children['{%s}ServiceName' % MD_NAMESPACE] = (
+    c_children['{%s}ServiceName' % NAMESPACE] = (
                     'service_name', [ServiceName])
-    c_children['{%s}ServiceDescription' % MD_NAMESPACE] = (
+    c_children['{%s}ServiceDescription' % NAMESPACE] = (
                     'service_description', [ServiceDescription])
-    c_children['{%s}RequestedAttribute' % MD_NAMESPACE] = (
+    c_children['{%s}RequestedAttribute' % NAMESPACE] = (
                     'requested_attribute', [RequestedAttribute])
     c_child_order = ['service_name', 'service_description', 
                     'requested_attribute']
@@ -961,14 +963,14 @@ class SPSSODescriptor(SSODescriptor):
     """The md:SPSSODescriptor element"""
 
     c_tag = 'SPSSODescriptor'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SSODescriptor.c_children.copy()
     c_attributes = SSODescriptor.c_attributes.copy()
     c_attributes['AuthnRequestsSigned'] = 'authn_requests_signed'
     c_attributes['WantAssertionsSigned'] = 'want_assertions_signed'
-    c_children['{%s}AssertionConsumerService' % MD_NAMESPACE] = (
+    c_children['{%s}AssertionConsumerService' % NAMESPACE] = (
         'assertion_consumer_service', [AssertionConsumerService])
-    c_children['{%s}AttributeConsumingService' % MD_NAMESPACE] = (
+    c_children['{%s}AttributeConsumingService' % NAMESPACE] = (
         'attribute_consuming_service', [AttributeConsumingService])
     
     c_child_order = ['signature', 'extensions', 'key_descriptor', 
@@ -994,7 +996,8 @@ class SPSSODescriptor(SSODescriptor):
         :param identifier: ID attribute
         :param valid_until: validUntil attribute
         :param cache_duration: cacheDuration attribute
-        :param protocol_support_enumeration: protocolSupportEnumeration attribute
+        :param protocol_support_enumeration: protocolSupportEnumeration 
+            attribute
         :param error_url: errorURL attribute
         :param signature: ds:Signature element
         :param extensions: Extensions element
@@ -1011,12 +1014,14 @@ class SPSSODescriptor(SSODescriptor):
         :param attribute_consuming_service: AttributeConsumingService elements
         :param text: The text data in the this element
         :param extension_elements: A list of ExtensionElement instances
-        :param extension_attributes: A dictionary of attribute value string pairs
+        :param extension_attributes: A dictionary of attribute value string 
+            pairs
         """
         SSODescriptor.__init__(self, artifact_resolution_service,
                         single_logout_service, manage_name_id_service,
-                        name_id_format, identifier, valid_until, cache_duration, 
+                        name_id_format, identifier, valid_until, 
-                        protocol_support_enumeration, error_url, signature, 
+                        cache_duration, protocol_support_enumeration, 
+                        error_url, signature, 
                         extensions, key_descriptor, organization, 
                         contact_person, text, extension_elements, 
                         extension_attributes)
@@ -1038,28 +1043,28 @@ class EntityDescriptor(SamlBase):
     # AffiliationDescriptor is not implemented yet
 
     c_tag = 'EntityDescriptor'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['entityID'] = 'entity_id'
     c_attributes['ID'] = 'identifier'
     c_attributes['validUntil'] = 'valid_until'
     c_attributes['cacheDuration'] = 'cache_duration'
-    c_children['{%s}Signature' % ds.DS_NAMESPACE] = ('signature', ds.Signature)
+    c_children['{%s}Signature' % DS_NAMESPACE] = ('signature', ds.Signature)
-    c_children['{%s}Extensions' % MD_NAMESPACE] = ('extensions', Extensions)
+    c_children['{%s}Extensions' % NAMESPACE] = ('extensions', Extensions)
-    c_children['{%s}RoleDescriptor' % MD_NAMESPACE] = (
+    c_children['{%s}RoleDescriptor' % NAMESPACE] = (
                                     'role_descriptor', [RoleDescriptor])
-    c_children['{%s}IDPSSODescriptor' % MD_NAMESPACE] = (
+    c_children['{%s}IDPSSODescriptor' % NAMESPACE] = (
                                     'idp_sso_descriptor', [IDPSSODescriptor])
-    c_children['{%s}SPSSODescriptor' % MD_NAMESPACE] = (
+    c_children['{%s}SPSSODescriptor' % NAMESPACE] = (
                                     'sp_sso_descriptor', [SPSSODescriptor])
-    c_children['{%s}Organization' % MD_NAMESPACE] = (
+    c_children['{%s}Organization' % NAMESPACE] = (
                                     'organization', Organization)
-    c_children['{%s}ContactPerson' % MD_NAMESPACE] = (
+    c_children['{%s}ContactPerson' % NAMESPACE] = (
                                     'contact_person', [ContactPerson])
-    c_children['{%s}ContactPerson' % MD_NAMESPACE] = (
+    c_children['{%s}ContactPerson' % NAMESPACE] = (
                                     'contact_person', [ContactPerson])
-    c_children['{%s}AdditionalMetadataLocation' % MD_NAMESPACE] = (
+    c_children['{%s}AdditionalMetadataLocation' % NAMESPACE] = (
                 'additional_metadata_location', [AdditionalMetadataLocation])
     c_child_order = ['signature', 'extensions', 'role_descriptor',
                     'idp_sso_descriptor', 'sp_sso_descriptor', 'organization', 
@@ -1113,16 +1118,16 @@ class EntitiesDescriptor(SamlBase):
     """The md:EntitiesDescriptor element"""
 
     c_tag = 'EntitiesDescriptor'
-    c_namespace = MD_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['name'] = 'name'
     c_attributes['ID'] = 'identifier'
     c_attributes['validUntil'] = 'valid_until'
     c_attributes['cacheDuration'] = 'cache_duration'
-    c_children['{%s}Signature' % ds.DS_NAMESPACE] = ('signature', ds.Signature)
+    c_children['{%s}Signature' % DS_NAMESPACE] = ('signature', ds.Signature)
-    c_children['{%s}Extensions' % MD_NAMESPACE] = ('extensions', Extensions)
+    c_children['{%s}Extensions' % NAMESPACE] = ('extensions', Extensions)
-    c_children['{%s}EntityDescriptor' % MD_NAMESPACE] = (
+    c_children['{%s}EntityDescriptor' % NAMESPACE] = (
         'entity_descriptor', [EntityDescriptor])
     c_child_order = ['signature', 'extensions', 'entity_descriptor',
                                     'entities_descriptor']
@@ -1156,7 +1161,7 @@ class EntitiesDescriptor(SamlBase):
         self.entity_descriptor = entity_descriptor or []
         self.entities_descriptor = entities_descriptor or []
 
-EntitiesDescriptor.c_children['{%s}EntitiesDescriptor' % MD_NAMESPACE] = (
+EntitiesDescriptor.c_children['{%s}EntitiesDescriptor' % NAMESPACE] = (
         'entities_descriptor', [EntitiesDescriptor])
     
 def entities_descriptor_from_string(xml_string):

src/saml2/metadata.py

@@ -49,8 +49,10 @@ class MetaData(dict):
     
     def __init_(self, arg=None):
         dict.__init__(self, arg)
+        self._loc_key = {}
+        self._loc_bind = {}
         
-    def import_metadata(self,xml_str):
+    def import_metadata(self, xml_str):
         """ Import information; organization distinguish name, location and
         certificates from a metadata file.
     
@@ -68,7 +70,8 @@ class MetaData(dict):
             
             #print "--",len(entity_descriptor.idp_sso_descriptor)
             for idp in entity_descriptor.idp_sso_descriptor:
-                if samlp.SAMLP_NAMESPACE not in idp.protocol_support_enumeration.split(" "):
+                if samlp.SAMLP_NAMESPACE not in \
+                        idp.protocol_support_enumeration.split(" "):
                     #print "<<<", idp.protocol_support_enumeration
                     continue
                 
@@ -142,7 +145,8 @@ def cert_from_assertion(assertion):
 def make_entity_description():
     org = md.Organization(
             organization_name = [md.Organization(text="Example Inc.")],
-            organization_url = [md.OrganizationURL(text="http://www.example.com/")])
+            organization_url = [md.OrganizationURL(
+                                    text="http://www.example.com/")])
             
     spsso = md.SPSSODescriptor(
             protocolSupportEnumeration = samlp.SAMLP_NAMESPACE,
@@ -150,7 +154,7 @@ def make_entity_description():
             authn_requests_signed = False
             )
             
-    return md.EntityDescription(
+    return md.EntityDescriptor(
         entity_id = "http://xenosmilus.umdc.umu.se:8087/",
         organization = org,
         sp_sso_descriptor = [spsso]

src/saml2/saml.py

@@ -29,8 +29,7 @@ import xmldsig as ds
 import saml2
 from saml2 import SamlBase
 
-SAML_NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'
+NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'
-SAML_TEMPLATE = '{urn:oasis:names:tc:SAML:2.0:assertion}%s'
 XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
 
 NAMEID_FORMAT_EMAILADDRESS = (
@@ -66,7 +65,7 @@ class BaseID(SamlBase):
     """ The saml:BaseID element """
 
     c_tag = 'BaseID'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['NameQualifier'] = 'name_qualifier'
@@ -103,7 +102,7 @@ class NameID(BaseID):
     """The saml:NameID element"""
 
     c_tag = 'NameID'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = BaseID.c_children.copy()
     c_attributes = BaseID.c_attributes.copy()
     c_attributes['Format'] = 'name_format'
@@ -144,7 +143,7 @@ def name_id_from_string(xml_string):
 class EncryptedID(SamlBase):
     """The saml:EncryptedID element"""
     c_tag = 'EncryptedID'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -178,7 +177,7 @@ class AssertionIDRef(SamlBase):
     """The saml:AssertionIDRef element makes a reference to a SAML assertion 
     by its unique identifier."""
     c_tag = 'AssertionIDRef'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -194,7 +193,7 @@ class AssertionURIRef(SamlBase):
     """The saml:AssertionURIRef element makes a reference to a SAML assertion 
     by URI reference."""
     c_tag = 'AssertionURIRef'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -212,7 +211,7 @@ class EncryptedAssertion(SamlBase):
     Processing specification"""
     
     c_tag = 'EncryptedAssertion'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -233,7 +232,7 @@ class SubjectConfirmationData(SamlBase):
     under which the act of subject confirmation can take place"""
 
     c_tag = 'SubjectConfirmationData'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['NotBefore'] = 'not_before'
@@ -293,25 +292,25 @@ class SubjectConfirmation(SamlBase):
     the party with whom the relying party is communicating."""
 
     c_tag = 'SubjectConfirmation'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['Method'] = 'method'
-    c_children['{%s}BaseID' % SAML_NAMESPACE] = ('base_id', BaseID)
+    c_children['{%s}BaseID' % NAMESPACE] = ('base_id', BaseID)
-    c_children['{%s}NameID' % SAML_NAMESPACE] = ('name_id', NameID)
+    c_children['{%s}NameID' % NAMESPACE] = ('name_id', NameID)
-    c_children['{%s}EncryptedID' % SAML_NAMESPACE] = ('encrypted_id', 
+    c_children['{%s}EncryptedID' % NAMESPACE] = ('encrypted_id', 
         EncryptedID)
-    c_children['{%s}SubjectConfirmationData' % SAML_NAMESPACE] = (
+    c_children['{%s}SubjectConfirmationData' % NAMESPACE] = (
         'subject_confirmation_data', SubjectConfirmationData)
     c_child_order = ['base_id', 'name_id', 'encrypted_id', 
                     'subject_confirmation_data']
 
-    def __init__(self, method=None, name_id=None, 
+    def __init__(self, base_id=None, name_id=None, encrypted_id=None,
                     subject_confirmation_data=None, text=None, 
                     extension_elements=None, extension_attributes=None):
         """Constructor for SubjectConfirmation
 
-        :param method: Method attribute
+        :param base_id: Method attribute
         :param name_id: NameID element
         :param subject_confirmation_data: SubjectConfirmationData element
         :param text: The text data in this element
@@ -321,8 +320,9 @@ class SubjectConfirmation(SamlBase):
         """
 
         SamlBase.__init__(self, text, extension_elements, extension_attributes)
-        self.method = method
+        self.base_id = base_id
         self.name_id = name_id
+        self.encrypted_id = encrypted_id
         self.subject_confirmation_data = subject_confirmation_data
 
 def subject_confirmation_from_string(xml_string):
@@ -335,14 +335,13 @@ def subject_confirmation_from_string(xml_string):
 
 class Subject(SamlBase):
     """The saml:Subject element"""
-    # TODO: BaseID, EncryptedID element
 
     c_tag = 'Subject'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
-    c_children['{%s}NameID' % SAML_NAMESPACE] = ('name_id', NameID)
+    c_children['{%s}NameID' % NAMESPACE] = ('name_id', NameID)
-    c_children['{%s}SubjectConfirmation' % SAML_NAMESPACE] = (
+    c_children['{%s}SubjectConfirmation' % NAMESPACE] = (
         'subject_confirmation', [SubjectConfirmation])
     c_child_order = ['name_id', 'subject_confirmation']
 
@@ -375,7 +374,7 @@ class Condition(SamlBase):
     """The saml:Condition element"""
 
     c_tag = 'Condition'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -393,7 +392,7 @@ class Audience(SamlBase):
     audience."""
 
     c_tag = 'Audience'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -411,10 +410,10 @@ class AudienceRestriction(Condition):
     elements."""
 
     c_tag = 'AudienceRestriction'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = Condition.c_children.copy()
     c_attributes = Condition.c_attributes.copy()
-    c_children['{%s}Audience' % SAML_NAMESPACE] = ('audience', Audience)
+    c_children['{%s}Audience' % NAMESPACE] = ('audience', Audience)
 
     def __init__(self, audience=None, text=None,
                     extension_elements=None, extension_attributes=None):
@@ -427,7 +426,7 @@ class AudienceRestriction(Condition):
             pairs
         """
 
-        Condition.__init__(self, text,extension_elements, 
+        Condition.__init__(self, text, extension_elements, 
             extension_attributes)
         self.audience = audience
 
@@ -465,11 +464,11 @@ class ProxyRestriction(Condition):
     of the information contained in the original assertion."""
 
     c_tag = 'ProxyRestriction'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = Condition.c_children.copy()
     c_attributes = Condition.c_attributes.copy()
     c_attributes['Count'] = 'count'
-    c_children['{%s}Audience' % SAML_NAMESPACE] = ('audience', [Audience])
+    c_children['{%s}Audience' % NAMESPACE] = ('audience', [Audience])
 
     def __init__(self, count=None, audience=None, text=None,
                     extension_elements=None, extension_attributes=None):
@@ -501,17 +500,17 @@ class Conditions(SamlBase):
     """The saml:Conditions element"""
 
     c_tag = 'Conditions'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()    
     c_attributes['NotBefore'] = 'not_before'
     c_attributes['NotOnOrAfter'] = 'not_on_or_after'
-    c_children['{%s}Condition' % SAML_NAMESPACE] = ('condition', [Condition])
+    c_children['{%s}Condition' % NAMESPACE] = ('condition', [Condition])
-    c_children['{%s}AudienceRestriction' % SAML_NAMESPACE] = (
+    c_children['{%s}AudienceRestriction' % NAMESPACE] = (
         'audience_restriction', [AudienceRestriction])
-    c_children['{%s}OneTimeUse' % SAML_NAMESPACE] = (
+    c_children['{%s}OneTimeUse' % NAMESPACE] = (
         'one_time_use', [OneTimeUse])
-    c_children['{%s}ProxyRestriction' % SAML_NAMESPACE] = (
+    c_children['{%s}ProxyRestriction' % NAMESPACE] = (
         'proxy_restriction', [ProxyRestriction])
     c_child_order = ['condition', 'audience_restriction', 'one_time_use',
                                     'proxy_restriction']
@@ -565,7 +564,7 @@ class Statement(SamlBase):
     assertion-based applications to reuse the SAML assertion framework."""
 
     c_tag = 'Statement'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     
@@ -581,7 +580,7 @@ class SubjectLocality(SamlBase):
     """The saml:SubjectLocality element"""
 
     c_tag = 'SubjectLocality'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['Address'] = 'address'
@@ -613,7 +612,7 @@ class AuthnContextClassRef(SamlBase):
     """The saml:AuthnContextClassRef element"""
 
     c_tag = 'AuthnContextClassRef'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -626,7 +625,7 @@ class AuthnContextDeclRef(SamlBase):
     """The saml:AuthnContextDeclRef element"""
 
     c_tag = 'AuthnContextDeclRef'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -639,7 +638,7 @@ class AuthnContextDecl(SamlBase):
     """The saml:AuthnContextDecl element"""
 
     c_tag = 'AuthnContextDecl'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -652,7 +651,7 @@ class AuthenticatingAuthority(SamlBase):
     """The saml:AuthenticatingAuthority element"""
 
     c_tag = 'AuthenticatingAuthority'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -666,16 +665,16 @@ class AuthnContext(SamlBase):
     """The saml:AuthnContext element"""
 
     c_tag = 'AuthnContext'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
-    c_children['{%s}AuthnContextClassRef' % SAML_NAMESPACE] = (
+    c_children['{%s}AuthnContextClassRef' % NAMESPACE] = (
         'authn_context_class_ref', AuthnContextClassRef)
-    c_children['{%s}AuthnContextDeclRef' % SAML_NAMESPACE] = (
+    c_children['{%s}AuthnContextDeclRef' % NAMESPACE] = (
         'authn_context_decl_ref', AuthnContextDeclRef)
-    c_children['{%s}AuthnContextDecl' % SAML_NAMESPACE] = (
+    c_children['{%s}AuthnContextDecl' % NAMESPACE] = (
         'authn_context_decl', AuthnContextDecl)
-    c_children['{%s}AuthenticatingAuthority' % SAML_NAMESPACE] = (
+    c_children['{%s}AuthenticatingAuthority' % NAMESPACE] = (
         'authenticating_authority', [AuthenticatingAuthority])
     c_child_order = ['authn_context_class_ref', 
                     'authn_context_decl', 'authn_context_decl_ref',
@@ -725,15 +724,15 @@ class AuthnStatement(Statement):
     """The saml:AuthnStatement element"""
 
     c_tag = 'AuthnStatement'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = Statement.c_children.copy()
     c_attributes = Statement.c_attributes.copy()
     c_attributes['AuthnInstant'] = 'authn_instant'
     c_attributes['SessionIndex'] = 'session_index'
     c_attributes['SessionNotOnOrAfter'] = 'session_not_on_or_after'
-    c_children['{%s}SubjectLocality' % SAML_NAMESPACE] = (
+    c_children['{%s}SubjectLocality' % NAMESPACE] = (
         'subject_locality', SubjectLocality)
-    c_children['{%s}AuthnContext' % SAML_NAMESPACE] = (
+    c_children['{%s}AuthnContext' % NAMESPACE] = (
         'authn_context', AuthnContext)
     c_child_order = ['subject_locality', 'authn_context']
     
@@ -784,7 +783,7 @@ class AttributeValue(SamlBase):
     attribute."""
 
     c_tag = 'AttributeValue'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -803,7 +802,7 @@ class EncryptedAttribute(SamlBase):
     specification."""
 
     c_tag = 'EncryptedAttribute'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
@@ -819,13 +818,13 @@ class Attribute(SamlBase):
     """The saml:Attribute element"""
 
     c_tag = 'Attribute'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['Name'] = 'name'
     c_attributes['NameFormat'] = 'name_format'
     c_attributes['FriendlyName'] = 'friendly_name'
-    c_children['{%s}AttributeValue' % SAML_NAMESPACE] = ('attribute_value', 
+    c_children['{%s}AttributeValue' % NAMESPACE] = ('attribute_value', 
                                                         [AttributeValue])
     
     def __init__(self, name=None, name_format=None, friendly_name=None,
@@ -868,13 +867,12 @@ class AttributeStatement(Statement):
     authority asserting that the assertion subject is associated with the 
     specified attributes."""
 
-    # TODO: EncryptedAttribute
     c_tag = 'AttributeStatement'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = Statement.c_children.copy()
     c_attributes = Statement.c_attributes.copy()
-    c_children['{%s}Attribute' % SAML_NAMESPACE] = ('attribute', [Attribute])
+    c_children['{%s}Attribute' % NAMESPACE] = ('attribute', [Attribute])
-    c_children['{%s}EncryptedAttribute' % SAML_NAMESPACE] = (
+    c_children['{%s}EncryptedAttribute' % NAMESPACE] = (
             'encrypted_attribute', [EncryptedAttribute])
     c_child_order = ['attribute', 'encrypted_attribute']
     
@@ -908,7 +906,7 @@ class Action(SamlBase):
     for which permission is sought."""
 
     c_tag = 'Action'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['Namespace'] = 'namespace'
@@ -943,16 +941,16 @@ class Evidence(SamlBase):
     the authorization decision."""
 
     c_tag = 'Evidence'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
-    c_children['{%s}AssertionIDRef' % SAML_NAMESPACE] = ('assertion_id_ref', 
+    c_children['{%s}AssertionIDRef' % NAMESPACE] = ('assertion_id_ref', 
                                                         [AssertionIDRef])
-    c_children['{%s}AssertionURIRef' % SAML_NAMESPACE] = ('assertion_uri_ref', 
+    c_children['{%s}AssertionURIRef' % NAMESPACE] = ('assertion_uri_ref', 
                                                         [AssertionURIRef])
-    c_children['{%s}EncryptedAssertion' % SAML_NAMESPACE] = (
+    c_children['{%s}EncryptedAssertion' % NAMESPACE] = (
         'encrypted_assertion', [EncryptedAssertion])
-    c_child_order = ['assertion_id_ref', 'assertion_uri_ref',
+    c_child_order = ['assertion_id_ref', 'assertion_uri_ref', 'assertion',
                     'encrypted_assertion']
     
     def __init__(self, assertion_id_ref=None, assertion_uri_ref=None,
@@ -992,14 +990,14 @@ class AuthzDecisionStatement(Statement):
     decision on the basis of some optionally specified evidence."""
 
     c_tag = 'AuthzDecisionStatement'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = Statement.c_children.copy()
     c_attributes = Statement.c_attributes.copy()
 
     c_attributes['Resource'] = 'resource'
     c_attributes['Decision'] = 'decision'
-    c_children['{%s}Action' % SAML_NAMESPACE] = ('action', [Action])
+    c_children['{%s}Action' % NAMESPACE] = ('action', [Action])
-    c_children['{%s}Evidence' % SAML_NAMESPACE] = ('evidence', [Evidence])
+    c_children['{%s}Evidence' % NAMESPACE] = ('evidence', [Evidence])
     c_child_order = ['action', 'evidence']
 
     def __init__(self, resource=None, decision=None, action=None,
@@ -1041,23 +1039,23 @@ def authz_decision_statement_from_string(xml_string):
 class Assertion(SamlBase):
     """The saml:Assertion element"""
     c_tag = 'Assertion'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['Version'] = 'version'
     c_attributes['ID'] = 'identifier'
     c_attributes['IssueInstant'] = 'issue_instant'
-    c_children['{%s}Issuer' % SAML_NAMESPACE] = ('issuer', Issuer)
+    c_children['{%s}Issuer' % NAMESPACE] = ('issuer', Issuer)
-    c_children['{%s}Signature' % ds.DS_NAMESPACE] = ('signature', ds.Signature)
+    c_children['{%s}Signature' % ds.NAMESPACE] = ('signature', ds.Signature)
-    c_children['{%s}Subject' % SAML_NAMESPACE] = ('subject', Subject)
+    c_children['{%s}Subject' % NAMESPACE] = ('subject', Subject)
-    c_children['{%s}Conditions' % SAML_NAMESPACE] = ('conditions', Conditions)
+    c_children['{%s}Conditions' % NAMESPACE] = ('conditions', Conditions)
-    #c_children['{%s}Advice' % SAML_NAMESPACE] = ('advice', Advice)
+    #c_children['{%s}Advice' % NAMESPACE] = ('advice', Advice)
-    c_children['{%s}Statement' % SAML_NAMESPACE] = ('statement', [Statement])
+    c_children['{%s}Statement' % NAMESPACE] = ('statement', [Statement])
-    c_children['{%s}AuthnStatement' % SAML_NAMESPACE] = (
+    c_children['{%s}AuthnStatement' % NAMESPACE] = (
         'authn_statement', [AuthnStatement])
-    c_children['{%s}AuthzDecisionStatement' % SAML_NAMESPACE] = (
+    c_children['{%s}AuthzDecisionStatement' % NAMESPACE] = (
         'authz_decision_statement', [AuthzDecisionStatement])
-    c_children['{%s}AttributeStatement' % SAML_NAMESPACE] = (
+    c_children['{%s}AttributeStatement' % NAMESPACE] = (
         'attribute_statement', [AttributeStatement])
     c_child_order = ['issuer', 'signature', 'subject', 'conditions', 'advice',
                     'statement', 'authn_statement', 'authz_decision_statement',
@@ -1124,7 +1122,7 @@ def assertion_from_string(xml_string):
     """ Create Assertion instance from an XML string """
     return saml2.create_class_from_xml_string(Assertion, xml_string)
 
-Evidence.c_children['{%s}Assertion' % SAML_NAMESPACE] = (
+Evidence.c_children['{%s}Assertion' % NAMESPACE] = (
     'assertion', [Assertion])
 
 # ---------------------------------------------------------------------------
@@ -1136,18 +1134,18 @@ class Advice(SamlBase):
     SAML authority wishes to provide."""
 
     c_tag = 'Advice'
-    c_namespace = SAML_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
-    c_children['{%s}AssertionIDRef' % SAML_NAMESPACE] = ('assertion_id_ref', 
+    c_children['{%s}AssertionIDRef' % NAMESPACE] = ('assertion_id_ref', 
                                                         [AssertionIDRef])
-    c_children['{%s}AssertionURIRef' % SAML_NAMESPACE] = ('assertion_uri_ref', 
+    c_children['{%s}AssertionURIRef' % NAMESPACE] = ('assertion_uri_ref', 
                                                         [AssertionURIRef])
-    c_children['{%s}Assertion' % SAML_NAMESPACE] = ('assertion', [Assertion])
+    c_children['{%s}Assertion' % NAMESPACE] = ('assertion', [Assertion])
-    c_children['{%s}EncryptedAssertion' % SAML_NAMESPACE] = (
+    c_children['{%s}EncryptedAssertion' % NAMESPACE] = (
             'encrypted_assertion', [EncryptedAssertion])
     c_child_order = ['assertion_id_ref', 'assertion_uri_ref',
-                    'statement', 'encrypted_assertion']
+                    'assertion', 'encrypted_assertion']
 
     def __init__(self, assertion_id_ref=None, assertion_uri_ref=None,
                     assertion=None, encrypted_assertion=None, text=None,
@@ -1174,4 +1172,41 @@ def advice_from_string(xml_string):
     """ Create Advice instance from an XML string """
     return saml2.create_class_from_xml_string(Advice, xml_string)
 
-Assertion.c_children['{%s}Advice' % SAML_NAMESPACE] = ('advice', Advice)
+Assertion.c_children['{%s}Advice' % NAMESPACE] = ('advice', Advice)
+Evidence.c_children['{%s}Assertion' % NAMESPACE] = ('assertion', [Assertion])
+
+ELEMENT_FROM_STRING = {
+    BaseID.c_tag: base_id_from_string,
+    NameID.c_tag: name_id_from_string,
+    EncryptedID.c_tag: encrypted_id_from_string,
+    Issuer.c_tag: issuer_from_string,
+    AssertionIDRef.c_tag: assertion_id_ref_from_string,
+    AssertionURIRef.c_tag: assertion_uri_ref_from_string,
+    EncryptedAssertion.c_tag: encrypted_assertion_from_string,
+    SubjectConfirmationData.c_tag: subject_confirmation_data_from_string,
+    SubjectConfirmation.c_tag: subject_confirmation_from_string,
+    Subject.c_tag: subject_from_string,
+    Condition.c_tag: condition_from_string,
+    Audience.c_tag: audience_from_string,
+    AudienceRestriction.c_tag: audience_restriction_from_string,
+    OneTimeUse.c_tag: one_time_use_from_string,
+    ProxyRestriction.c_tag: proxy_restriction_from_string,
+    Conditions.c_tag: conditions_from_string,
+    Statement.c_tag: statement_from_string,
+    SubjectLocality.c_tag: subject_locality_from_string,
+    AuthnContextClassRef.c_tag: authn_context_class_ref_from_string,
+    AuthnContextDeclRef.c_tag: authn_context_decl_ref_from_string,
+    AuthnContextDecl.c_tag: authn_context_decl_from_string,
+    AuthenticatingAuthority.c_tag: authenticating_authority_from_string,
+    AuthnContext.c_tag: authn_context_from_string,
+    AuthnStatement(Statement): authn_statement_from_string,
+    AttributeValue.c_tag: attribute_value_from_string,
+    EncryptedAttribute.c_tag: encrypted_attribute_from_string,
+    Attribute.c_tag: attribute_from_string,
+    AttributeStatement(Statement): attribute_statement_from_string,
+    Action.c_tag: action_from_string,
+    Evidence.c_tag: evidence_from_string,
+    AuthzDecisionStatement(Statement): authz_decision_statement_from_string,
+    Assertion.c_tag: assertion_from_string,
+    Advice.c_tag: advice_from_string,
+}

src/saml2/samlp.py

@@ -93,18 +93,18 @@ class AbstractRequest(SamlBase):
     c_attributes['IssueInstant'] = 'issue_instant'
     c_attributes['Destination'] = 'destination'
     c_attributes['Consent'] = 'consent'
-    c_children['{%s}Issuer' % saml.SAML_NAMESPACE] = ('issuer', saml.Issuer)
+    c_children['{%s}Issuer' % saml.NAMESPACE] = ('issuer', saml.Issuer)
-    c_children['{%s}Signature' % ds.DS_NAMESPACE] = ('signature', ds.Signature)
+    c_children['{%s}Signature' % ds.NAMESPACE] = ('signature', ds.Signature)
     c_children['{%s}Extensions' % SAMLP_NAMESPACE] = ('extensions', Extensions)
     c_child_order = ['issuer', 'signature', 'extensions']
 
-    def __init__(self, identifier=None, version=None, issue_instant=None,
+    def __init__(self, id=None, version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
                 extensions=None, text=None, extension_elements=None, 
                 extension_attributes=None):
         """Constructor for AbstractRequest
 
-        :param identifier: ID attribute
+        :param id: ID attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
         :param destination: Destination attribute
@@ -117,7 +117,7 @@ class AbstractRequest(SamlBase):
         :param extension_attributes: A dictionary of attribute value string pairs
         """
         SamlBase.__init__(self, text, extension_elements, extension_attributes)
-        self.id = identifier
+        self.id = id
         self.version = version
         self.issue_instant = issue_instant
         self.destination = destination
@@ -250,23 +250,23 @@ class StatusResponse(SamlBase):
     c_attributes['IssueInstant'] = 'issue_instant'
     c_attributes['Destination'] = 'destination'
     c_attributes['Consent'] = 'consent'
-    c_children['{%s}Issuer' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}Issuer' % saml.NAMESPACE] = (
         'issuer', saml.Issuer)
-    c_children['{%s}Signature' % ds.DS_NAMESPACE] = (
+    c_children['{%s}Signature' % ds.NAMESPACE] = (
         'signature', ds.Signature)
     c_children['{%s}Extensions' % SAMLP_NAMESPACE] = (
         'extensions', Extensions)
     c_children['{%s}Status' % SAMLP_NAMESPACE] = ('status', Status)
     c_child_order = ['issuer', 'signature', 'extensions', 'status']
 
-    def __init__(self, identifier=None, in_response_to=None, version=None,
+    def __init__(self, id=None, in_response_to=None, version=None,
                 issue_instant=None, destination=None, consent=None,
                 issuer=None, signature=None, extensions=None, status=None,
                 text=None, extension_elements=None, 
                 extension_attributes=None):
         """Constructor for StatusResponse
 
-        :param identifier: ID attribute
+        :param id: ID attribute
         :param in_respones_to: InResponseTo attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
@@ -284,7 +284,7 @@ class StatusResponse(SamlBase):
 
         SamlBase.__init__(self, text, extension_elements, 
                             extension_attributes)
-        self.id = identifier
+        self.id = id
         self.in_response_to = in_response_to
         self.version = version
         self.issue_instant = issue_instant
@@ -313,14 +313,14 @@ class AssertionIDRequest(AbstractRequest):
     c_attributes = AbstractRequest.c_attributes.copy()
     c_attributes["AssertionIDRef"] = 'assertion_id_ref'
 
-    def __init__(self, identifier=None, version=None, issue_instant=None,
+    def __init__(self, id=None, version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
                 extensions=None, assertion_id_ref=None,
                 text=None, extension_elements=None, 
                 extension_attributes=None):
         """Constructor for AssertionIDRequest
 
-        :param identifier: ID attribute
+        :param id: ID attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
         :param destination: Destination attribute
@@ -335,7 +335,7 @@ class AssertionIDRequest(AbstractRequest):
             string pairs
         """
 
-        AbstractRequest.__init__(self, identifier, version, issue_instant, 
+        AbstractRequest.__init__(self, id, version, issue_instant, 
                                 destination, consent, issuer, signature, 
                                 extensions, text, extension_elements, 
                                 extension_attributes)
@@ -357,17 +357,17 @@ class SubjectQuery(AbstractRequest):
     c_namespace = SAMLP_NAMESPACE
     c_children = AbstractRequest.c_children.copy()
     c_attributes = AbstractRequest.c_attributes.copy()
-    c_children['{%s}Subject' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}Subject' % saml.NAMESPACE] = (
         'subject', saml.Subject)
 
-    def __init__(self, identifier=None, version=None, issue_instant=None,
+    def __init__(self, id=None, version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
                 extensions=None, subject=None,
                 text=None, extension_elements=None, 
                 extension_attributes=None):
         """Constructor for SubjectQuery
 
-        :param identifier: ID attribute
+        :param id: ID attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
         :param destination: Destination attribute
@@ -382,7 +382,7 @@ class SubjectQuery(AbstractRequest):
             string pairs
         """
 
-        AbstractRequest.__init__(self, identifier, version, issue_instant, 
+        AbstractRequest.__init__(self, id, version, issue_instant, 
                                 destination, consent, issuer, signature, 
                                 extensions, text, extension_elements, 
                                 extension_attributes)
@@ -421,14 +421,14 @@ class AuthnQuery(SubjectQuery):
     c_attributes = SubjectQuery.c_attributes.copy()
     c_attributes['SessionIndex'] = 'session_index'
 
-    def __init__(self, identifier=None, version=None, issue_instant=None,
+    def __init__(self, id=None, version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
                 extensions=None, subject=None,
                 text=None, extension_elements=None, 
                 extension_attributes=None):
         """Constructor for SubjectQuery
 
-        :param identifier: ID attribute
+        :param id: ID attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
         :param destination: Destination attribute
@@ -443,7 +443,7 @@ class AuthnQuery(SubjectQuery):
             string pairs
         """
 
-        SubjectQuery.__init__(self, identifier, version, issue_instant, 
+        SubjectQuery.__init__(self, id, version, issue_instant, 
                                 destination, consent, issuer, signature, 
                                 extensions, text, extension_elements, 
                                 extension_attributes)
@@ -466,9 +466,9 @@ class RequestedAuthnContext(SamlBase):
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
     c_attributes['Comparison'] = 'comparison'
-    c_children['{%s}AuthnContextClassRef' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}AuthnContextClassRef' % saml.NAMESPACE] = (
         'authn_context_class_ref', [saml.AuthnContextClassRef])
-    c_children['{%s}AuthnContextDeclRef' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}AuthnContextDeclRef' % saml.NAMESPACE] = (
         'authn_context_decl_ref', [saml.AuthnContextDeclRef])
 
     def __init__(self, comparison=None, authn_context_class_ref=None,
@@ -504,17 +504,17 @@ class AttributeQuery(SubjectQuery):
     c_namespace = SAMLP_NAMESPACE
     c_children = SubjectQuery.c_children.copy()
     c_attributes = SubjectQuery.c_attributes.copy()
-    c_children['{%s}Attribute' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}Attribute' % saml.NAMESPACE] = (
         'attribute', saml.Attribute)
 
-    def __init__(self, identifier=None, version=None, issue_instant=None,
+    def __init__(self, id=None, version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
                 extensions=None, subject=None, attribute=None,
                 text=None, extension_elements=None, 
                 extension_attributes=None):
         """Constructor for AttributeQuery
 
-        :param identifier: ID attribute
+        :param id: ID attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
         :param destination: Destination attribute
@@ -531,7 +531,7 @@ class AttributeQuery(SubjectQuery):
             string pairs
         """
 
-        SubjectQuery.__init__(self, identifier, version, issue_instant, 
+        SubjectQuery.__init__(self, id, version, issue_instant, 
                                 destination, consent, issuer, signature, 
                                 extensions, subject, text, extension_elements, 
                                 extension_attributes)
@@ -548,13 +548,13 @@ class Resource(SamlBase):
     """The saml:Resource element"""
 
     c_tag = 'Resource'
-    c_namespace = saml.SAML_NAMESPACE
+    c_namespace = saml.NAMESPACE
     c_children = SamlBase.c_children.copy()
     c_attributes = SamlBase.c_attributes.copy()
 
 def resource_from_string(xml_string):
     """ Create Resource instance from an XML string """
-    return saml2.create_class_from_xml_string(Resource, xml_string)
+    return create_class_from_xml_string(Resource, xml_string)
 
 # --------------------------------------------------------------------------
 # 3.3.2.4 AuthzDecisionQuery
@@ -567,15 +567,15 @@ class AuthzDecisionQuery(SubjectQuery):
     c_namespace = SAMLP_NAMESPACE
     c_children = SubjectQuery.c_children.copy()
     c_attributes = SubjectQuery.c_attributes.copy()
-    c_children['{%s}Resource' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}Resource' % saml.NAMESPACE] = (
         'resource', Resource)
-    c_children['{%s}Action' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}Action' % saml.NAMESPACE] = (
         'action', saml.Action)
-    c_children['{%s}Evidence' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}Evidence' % saml.NAMESPACE] = (
         'evidence', saml.Evidence)
     c_child_order = ['action', 'evidence', 'resource']
 
-    def __init__(self, identifier=None, version=None, issue_instant=None,
+    def __init__(self, id=None, version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
                 extensions=None, subject=None, resource=None, 
                 action=None, evidence=None,
@@ -583,7 +583,7 @@ class AuthzDecisionQuery(SubjectQuery):
                 extension_attributes=None):
         """Constructor for AuthzDecisionQuery
 
-        :param identifier: ID attribute
+        :param id: ID attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
         :param destination: Destination attribute
@@ -603,7 +603,7 @@ class AuthzDecisionQuery(SubjectQuery):
             string pairs
         """
 
-        SubjectQuery.__init__(self, identifier, version, issue_instant, 
+        SubjectQuery.__init__(self, id, version, issue_instant, 
                                 destination, consent, issuer, signature, 
                                 extensions, subject, text, extension_elements, 
                                 extension_attributes)
@@ -612,9 +612,9 @@ class AuthzDecisionQuery(SubjectQuery):
         self.action = action or []
         self.evidence = evidence
         
-def attribute_query_from_string(xml_string):
+def authz_decision_query_from_string(xml_string):
-    """ Create AttributeQuery instance from an XML string """
+    """ Create AuthzDecisionQuery instance from an XML string """
-    return create_class_from_xml_string(AttributeQuery, xml_string)
+    return create_class_from_xml_string(AuthzDecisionQuery, xml_string)
     
 # ==========================================================================
 # 3.3.3 Response
@@ -627,21 +627,21 @@ class Response(StatusResponse):
     c_namespace = SAMLP_NAMESPACE
     c_children = StatusResponse.c_children.copy()
     c_attributes = StatusResponse.c_attributes.copy()
-    c_children['{%s}Assertion' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}Assertion' % saml.NAMESPACE] = (
         'assertion', [saml.Assertion])
-    c_children['{%s}EncryptedAssertion' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}EncryptedAssertion' % saml.NAMESPACE] = (
         'encrypted_assertion', [saml.EncryptedAssertion])
     c_child_order = ['issuer', 'signature', 'extensions', 'status', 
                     'assertion', 'encrypted_assertion']
 
-    def __init__(self, identifier=None, in_response_to=None, version=None,
+    def __init__(self, id=None, in_response_to=None, version=None,
                 issue_instant=None, destination=None, consent=None,
                 issuer=None, signature=None, extensions=None, status=None,
                 assertion=None, encrypted_assertion=None,
                 text=None, extension_elements=None, extension_attributes=None):
         """Constructor for Response
 
-        :param identifier: ID attribute
+        :param id: ID attribute
         :param in_respones_to: InResponseTo attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
@@ -657,7 +657,7 @@ class Response(StatusResponse):
         :param extension_elements: A list of ExtensionElement instances
         :param extension_attributes: A dictionary of attribute value string pairs
         """
-        StatusResponse.__init__(self, identifier, in_response_to,
+        StatusResponse.__init__(self, id, in_response_to,
                                 version, issue_instant,
                                 destination, consent,
                                 issuer, signature,
@@ -864,10 +864,10 @@ class AuthnRequest(AbstractRequest):
     c_attributes['AssertionConsumingServiceIndex'] = \
                             'assertion_consuming_service_index'
     c_attributes['ProviderName'] = 'provider_name'
-    c_children['{%s}Subject' % saml.SAML_NAMESPACE] = ('subject', saml.Subject)
+    c_children['{%s}Subject' % saml.NAMESPACE] = ('subject', saml.Subject)
     c_children['{%s}NameIDPolicy' % SAMLP_NAMESPACE] = (
                             'name_id_policy', NameIDPolicy)
-    c_children['{%s}Conditions' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}Conditions' % saml.NAMESPACE] = (
                             'conditions', saml.Conditions)
     c_children['{%s}RequestedAuthnContext' % SAMLP_NAMESPACE] = (
                             'requested_authn_context', RequestedAuthnContext)
@@ -876,7 +876,7 @@ class AuthnRequest(AbstractRequest):
                     'name_id_policy', 'conditions', 'requested_authn_context',
                     'scoping']
 
-    def __init__(self, identifier=None, version=None, issue_instant=None,
+    def __init__(self, id=None, version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
                 extensions=None, subject=None, name_id_policy=None,
                 conditions=None, requested_authn_context=None, scoping=None,
@@ -888,7 +888,7 @@ class AuthnRequest(AbstractRequest):
                 extension_elements=None, extension_attributes=None):
         """Constructor for AuthnRequest
 
-        :param identifier: ID attribute
+        :param id: ID attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
         :param destination: Destination attribute
@@ -916,7 +916,7 @@ class AuthnRequest(AbstractRequest):
         :param extension_attributes: A dictionary of attribute value string 
                 pairs
         """
-        AbstractRequest.__init__(self, identifier, version, issue_instant, 
+        AbstractRequest.__init__(self, id, version, issue_instant, 
                                 destination, consent, issuer, signature, 
                                 extensions, text, extension_elements, 
                                 extension_attributes)
@@ -970,7 +970,7 @@ def terminate_from_string(xml_string):
 
 class ManageNameIDRequest(AbstractRequest):
     """The samlp:NameIDMappingRequest element
-    To request an alternate name identifier for a principal from an identity
+    To request an alternate name id for a principal from an identity
     provider, a requester sends an NameIDMappingRequest message
     """
 
@@ -979,25 +979,31 @@ class ManageNameIDRequest(AbstractRequest):
     c_children = AbstractRequest.c_children.copy()
     c_attributes = AbstractRequest.c_attributes.copy()
     c_attributes["NewID"] = "new_id"
-    c_children['{%s}NameID' % saml.SAML_NAMESPACE] = ('name_id', saml.NameID)
+    c_children['{%s}NameID' % saml.NAMESPACE] = ('name_id', saml.NameID)
-    c_children['{%s}EncryptedID' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}EncryptedID' % saml.NAMESPACE] = (
         'encrypted_id', saml.EncryptedID)
-    c_children['{%s}NewEncryptedID' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}NewEncryptedID' % saml.NAMESPACE] = (
         'new_encrypted_id', saml.EncryptedID)
     c_children['{%s}Terminate' % SAMLP_NAMESPACE] = (
         'terminate', Terminate)
     c_child_order = ['name_id', 'encrypted_id', 
                     'new_id', 'new_encrypted_id', 'terminate']
 
-    def __init__(self, identifier=None, version=None, issue_instant=None,
+    def __init__(self, new_id=None, name_id=None, encrypted_id=None, 
+                new_encrypted_id=None, terminate=None,
+                id=None, version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
-                extensions=None,
+                extensions=None, name_id_policy=None, text=None,
-                base_id=None, name_id=None, encrypted_id=None,
-                name_id_policy=None, text=None,
                 extension_elements=None, extension_attributes=None):
         """Constructor for ManageNameIDRequest
 
-        :param identifier: ID attribute
+        :param new_id: The new id value
+        :param name_id: NameID element
+        :param encrypted_id: EncryptedID element
+        :param new_encrypted_id:
+        :param terminate:
+
+        :param id: ID attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
         :param destination: Destination attribute
@@ -1005,25 +1011,19 @@ class ManageNameIDRequest(AbstractRequest):
         :param issuer: Issuer element
         :param signature: Signature element
         :param extensions: Extensions element
-        :param name_id: NameID element
-        :param encrypted_id: EncryptedID element
-        :param new_id: The new identifier value
-        :param new_encrypted_id:
-        :param terminate:
         :param text: The text data in the this element
         :param extension_elements: A list of ExtensionElement instances
         :param extension_attributes: A dictionary of attribute value string pairs
         """
-        AbstractRequest.__init__(self, identifier, version, issue_instant, 
+        AbstractRequest.__init__(self, id, version, issue_instant, 
                                 destination, consent, issuer, signature, 
                                 extensions, text, extension_elements, 
                                 extension_attributes)
-        self.not_on_or_after = not_on_or_after
+        self.new_id = new_id
-        self.reason = reason
-        self.base_id = base_id
         self.name_id = name_id
         self.encrypted_id = encrypted_id
-        self.session_index = session_index
+        self.new_encrypted_id = new_encrypted_id
+        self.terminate = terminate
 
 def manage_name_id_request_from_string(xml_string):
     """ Create ManageNameIDRequest instance from an XML string """
@@ -1060,16 +1060,16 @@ class LogoutRequest(AbstractRequest):
     c_attributes = AbstractRequest.c_attributes.copy()
     c_attributes['NotOnOrAfter'] = 'not_on_or_after'
     c_attributes['Reason'] = 'reason'
-    c_children['{%s}BaseID' % saml.SAML_NAMESPACE] = ('base_id', saml.BaseID)
+    c_children['{%s}BaseID' % saml.NAMESPACE] = ('base_id', saml.BaseID)
-    c_children['{%s}NameID' % saml.SAML_NAMESPACE] = ('name_id', saml.NameID)
+    c_children['{%s}NameID' % saml.NAMESPACE] = ('name_id', saml.NameID)
-    c_children['{%s}EncryptedID' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}EncryptedID' % saml.NAMESPACE] = (
         'encrypted_id', saml.EncryptedID)
     c_children['{%s}SessionIndex' % SAMLP_NAMESPACE] = (
         'session_index', SessionIndex)
     c_child_order = ['issuer', 'signature', 'extensions', 'base_id', 
                         'name_id', 'encrypted_id', 'session_index']
 
-    def __init__(self, identifier=None, version=None, issue_instant=None,
+    def __init__(self, id=None, version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
                 extensions=None, not_on_or_after=None, reason=None,
                 base_id=None, name_id=None, encrypted_id=None,
@@ -1077,7 +1077,7 @@ class LogoutRequest(AbstractRequest):
                 extension_elements=None, extension_attributes=None):
         """Constructor for LogoutRequest
 
-        :param identifier: ID attribute
+        :param id: ID attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
         :param destination: Destination attribute
@@ -1095,7 +1095,7 @@ class LogoutRequest(AbstractRequest):
         :param extension_elements: A list of ExtensionElement instances
         :param extension_attributes: A dictionary of attribute value string pairs
         """
-        AbstractRequest.__init__(self, identifier, version, issue_instant, 
+        AbstractRequest.__init__(self, id, version, issue_instant, 
                                 destination, consent, issuer, signature, 
                                 extensions, text, extension_elements, 
                                 extension_attributes)
@@ -1133,7 +1133,7 @@ def logout_response_from_string(xml_string):
 
 class NameIDMappingRequest(AbstractRequest):
     """The samlp:NameIDMappingRequest element
-    To request an alternate name identifier for a principal from an identity
+    To request an alternate name id for a principal from an identity
     provider, a requester sends an NameIDMappingRequest message
     """
 
@@ -1141,23 +1141,29 @@ class NameIDMappingRequest(AbstractRequest):
     c_namespace = SAMLP_NAMESPACE
     c_children = AbstractRequest.c_children.copy()
     c_attributes = AbstractRequest.c_attributes.copy()
-    c_children['{%s}BaseID' % saml.SAML_NAMESPACE] = ('base_id', saml.BaseID)
+    c_children['{%s}BaseID' % saml.NAMESPACE] = ('base_id', saml.BaseID)
-    c_children['{%s}NameID' % saml.SAML_NAMESPACE] = ('name_id', saml.NameID)
+    c_children['{%s}NameID' % saml.NAMESPACE] = ('name_id', saml.NameID)
-    c_children['{%s}EncryptedID' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}EncryptedID' % saml.NAMESPACE] = (
         'encrypted_id', saml.EncryptedID)
     c_children['{%s}NameIDPolicy' % SAMLP_NAMESPACE] = (
         'name_id_policy', NameIDPolicy)
     c_child_order = ['base_id', 'name_id', 'encrypted_id', 'name_id_policy']
 
-    def __init__(self, identifier=None, version=None, issue_instant=None,
+    def __init__(self, base_id=None, name_id=None, encrypted_id=None,
+                name_id_policy=None,
+                id=None, version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
                 extensions=None,
-                base_id=None, name_id=None, encrypted_id=None,
+                text=None,
-                name_id_policy=None, text=None,
                 extension_elements=None, extension_attributes=None):
         """Constructor for LogoutRequest
 
-        :param identifier: ID attribute
+        :param base_id: BaseID element
+        :param name_id: NameID element
+        :param encrypted_id: EncryptedID element
+        :param name_id_policy: The requirements regarding the format and
+            optional name qualifier for the id to be returned.
+        :param id: ID attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
         :param destination: Destination attribute
@@ -1165,25 +1171,18 @@ class NameIDMappingRequest(AbstractRequest):
         :param issuer: Issuer element
         :param signature: Signature element
         :param extensions: Extensions element
-        :param base_id: BaseID element
-        :param name_id: NameID element
-        :param encrypted_id: EncryptedID element
-        :param name_id_policy: The requirements regarding the format and
-            optional name qualifier for the identifier to be returned.
         :param text: The text data in the this element
         :param extension_elements: A list of ExtensionElement instances
         :param extension_attributes: A dictionary of attribute value string pairs
         """
-        AbstractRequest.__init__(self, identifier, version, issue_instant, 
+        AbstractRequest.__init__(self, id, version, issue_instant, 
                                 destination, consent, issuer, signature, 
                                 extensions, text, extension_elements, 
                                 extension_attributes)
-        self.not_on_or_after = not_on_or_after
-        self.reason = reason
         self.base_id = base_id
         self.name_id = name_id
         self.encrypted_id = encrypted_id
-        self.session_index = session_index
+        self.name_id_policy = name_id_policy
 
 def name_id_mapping_request_from_string(xml_string):
     """ Create NameIDMappingRequest instance from an XML string """
@@ -1201,21 +1200,24 @@ class NameIDMappingResponse(StatusResponse):
     c_namespace = SAMLP_NAMESPACE
     c_children = StatusResponse.c_children.copy()
     c_attributes = StatusResponse.c_attributes.copy()
-    c_children['{%s}NameID' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}NameID' % saml.NAMESPACE] = (
         'name_id', saml.NameID)
-    c_children['{%s}EncryptedID' % saml.SAML_NAMESPACE] = (
+    c_children['{%s}EncryptedID' % saml.NAMESPACE] = (
         'encrypted_id', saml.EncryptedID)
     c_child_order = ['name_id', 'encrypted_id']
 
-    def __init__(self, identifier=None, in_response_to=None,
+    def __init__(self, name_id=None, encrypted_id=None,
+                id=None, in_response_to=None,
                 version=None, issue_instant=None,
                 destination=None, consent=None, issuer=None, signature=None,
                 extensions=None, status=None,
-                base_id=None, name_id=None, text=None,
+                text=None,
                 extension_elements=None, extension_attributes=None):
         """Constructor for NameIDMappingResponse
 
-        :param identifier: ID attribute
+        :param name_id: The id
+        :param encrypted_id: associated descriptive data
+        :param id: ID attribute
         :param in_respones_to: InResponseTo attribute
         :param version: Version attribute
         :param issue_instant: IssueInstant attribute
@@ -1225,22 +1227,18 @@ class NameIDMappingResponse(StatusResponse):
         :param signature: Signature element
         :param extensions: Extensions element
         :param status: Status element
-        :param base_id: associated descriptive data
-        :param name_id: The identifier
         :param text: The text data in the this element
         :param extension_elements: A list of ExtensionElement instances
         :param extension_attributes: A dictionary of attribute value 
             string pairs
         """
-        StatusResponse.__init__(self, identifier, in_response_to, 
+        StatusResponse.__init__(self, id, in_response_to, 
                 version, issue_instant, destination, consent,
                 issuer, signature, extensions, status,
                 text, extension_elements, extension_attributes)
 
-        self.not_on_or_after = not_on_or_after
-        self.reason = reason
-        self.base_id = base_id
         self.name_id = name_id
+        self.encrypted_id = encrypted_id
 
 def name_id_mapping_response_from_string(xml_string):
     """ Create NameIDMappingResponse instance from an XML string """

src/saml2/sigver.py

@@ -4,6 +4,7 @@ from saml2 import samlp
 from tempfile import NamedTemporaryFile
 from subprocess import Popen, PIPE
 import base64
+import random
 
 XMLSEC_BINARY = "/usr/local/bin/xmlsec1"
 ID_ATTR = "ID"
@@ -96,7 +97,8 @@ def correctly_signed_response(decoded_xml):
 
         if _TEST_: 
             print " ".join(com_list)
-        verified = _parse_popen_output(Popen(com_list, stderr=PIPE).communicate()[1])
+        verified = _parse_popen_output(Popen(com_list, 
+                                        stderr=PIPE).communicate()[1])
         if _TEST_:
             print "Verify result: '%s'" % (verified,)
 
@@ -114,8 +116,8 @@ def sign_using_xmlsec(statement, sign_key):
     """xmlsec1 --sign --privkey-pem test.key --id-attr:ID 
         urn:oasis:names:tc:SAML:2.0:assertion:Assertion saml_response.xml"""
         
-    fil_p, fil = make_temp("%s" % statement, decode=False)
+    _, fil = make_temp("%s" % statement, decode=False)
-    pem_file_pointer, pem_file = make_temp("%s" % sign_key, ".pem")
+    _, pem_file = make_temp("%s" % sign_key, ".pem")
     
     com_list = [XMLSEC_BINARY, "--sign", 
                 "--privkey-cert-pem", pem_file, "--id-attr:%s" % ID_ATTR, 

src/xmldsig/__init__.py

@@ -34,8 +34,8 @@ except ImportError:
 import saml2
 from saml2 import create_class_from_xml_string
 
-DS_NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#'
+NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#'
-DS_TEMPLATE = '{http://www.w3.org/2000/09/xmldsig#}%s'
+TEMPLATE = '{http://www.w3.org/2000/09/xmldsig#}%s'
 
 ENCODING_BASE64 = 'http://www.w3.org/2000/09/xmldsig#base64'
 DIGEST_SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1'
@@ -62,7 +62,7 @@ class Object(DsBase):
     """The ds:Object element"""
 
     c_tag = 'Object'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['Id'] = 'identifier'
@@ -95,7 +95,7 @@ class MgmtData(DsBase):
     """The ds:MgmtData element"""
 
     c_tag = 'MgmtData'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -108,7 +108,7 @@ class SPKISexp(DsBase):
     """The ds:SPKISexp element"""
 
     c_tag = 'SPKISexp'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -121,10 +121,10 @@ class SPKIData(DsBase):
     """The ds:SPKIData element"""
 
     c_tag = 'SPKIData'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
-    c_children['{%s}SPKISexp' % DS_NAMESPACE] = ('spki_sexp', [SPKISexp])
+    c_children['{%s}SPKISexp' % NAMESPACE] = ('spki_sexp', [SPKISexp])
 
     def __init__(self, spki_sexp=None, text=None,
                 extension_elements=None, extension_attributes=None):
@@ -149,7 +149,7 @@ class PGPKeyID(DsBase):
     """The ds:PGPKeyID element"""
 
     c_tag = 'PGPKeyID'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -162,7 +162,7 @@ class PGPKeyPacket(DsBase):
     """The ds:PGPKeyPacket element"""
 
     c_tag = 'PGPKeyPacket'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -175,11 +175,11 @@ class PGPData(DsBase):
     """The ds:PGPData element"""
 
     c_tag = 'PGPData'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
-    c_children['{%s}PGPKeyID' % DS_NAMESPACE] = ('pgp_key_id', PGPKeyID)
+    c_children['{%s}PGPKeyID' % NAMESPACE] = ('pgp_key_id', PGPKeyID)
-    c_children['{%s}PGPKeyPacket' % DS_NAMESPACE] = (
+    c_children['{%s}PGPKeyPacket' % NAMESPACE] = (
         'pgp_key_packet', PGPKeyPacket)
     c_child_order = ['pgp_key_id', 'pgp_key_packet']
 
@@ -208,7 +208,7 @@ class X509IssuerName(DsBase):
     """The ds:X509IssuerName element"""
 
     c_tag = 'X509IssuerName'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -221,7 +221,7 @@ class X509IssuerNumber(DsBase):
     """The ds:X509IssuerNumber element"""
 
     c_tag = 'X509IssuerNumber'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -234,12 +234,12 @@ class X509IssuerSerial(DsBase):
     """The ds:X509IssuerSerial element"""
 
     c_tag = 'X509IssuerSerial'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
-    c_children['{%s}X509IssuerName' % DS_NAMESPACE] = (
+    c_children['{%s}X509IssuerName' % NAMESPACE] = (
         'x509_issuer_name', X509IssuerName)
-    c_children['{%s}X509IssuerNumber' % DS_NAMESPACE] = (
+    c_children['{%s}X509IssuerNumber' % NAMESPACE] = (
         'x509_issuer_number', X509IssuerNumber)
     c_child_order = ['x509_issuer_name', 'x509_issuer_number']
 
@@ -269,7 +269,7 @@ class X509SKI(DsBase):
     """The ds:X509SKI element"""
 
     c_tag = 'X509SKI'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -282,7 +282,7 @@ class X509SubjectName(DsBase):
     """The ds:X509SubjectName element"""
 
     c_tag = 'X509SubjectName'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -295,7 +295,7 @@ class X509Certificate(DsBase):
     """The ds:X509Certificate element"""
 
     c_tag = 'X509Certificate'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -308,7 +308,7 @@ class X509CRL(DsBase):
     """The ds:X509CRL element"""
 
     c_tag = 'X509CRL'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -321,17 +321,17 @@ class X509Data(DsBase):
     """The ds:X509Data element"""
 
     c_tag = 'X509Data'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
-    c_children['{%s}X509IssuerSerial' % DS_NAMESPACE] = (
+    c_children['{%s}X509IssuerSerial' % NAMESPACE] = (
         'x509_issuer_serial', [X509IssuerSerial])
-    c_children['{%s}X509SKI' % DS_NAMESPACE] = ('x509_ski', [X509SKI])
+    c_children['{%s}X509SKI' % NAMESPACE] = ('x509_ski', [X509SKI])
-    c_children['{%s}X509SubjectName' % DS_NAMESPACE] = (
+    c_children['{%s}X509SubjectName' % NAMESPACE] = (
         'x509_subject_name', [X509SubjectName])
-    c_children['{%s}X509Certificate' % DS_NAMESPACE] = (
+    c_children['{%s}X509Certificate' % NAMESPACE] = (
         'x509_certificate', [X509Certificate])
-    c_children['{%s}X509CRL' % DS_NAMESPACE] = ('x509_crl', [X509CRL])
+    c_children['{%s}X509CRL' % NAMESPACE] = ('x509_crl', [X509CRL])
     c_child_order = ['x509_issuer_serial', 'x509_ski', 'x509_subject_name',
                                     'x509_certificate', 'x509_crl']
 
@@ -368,11 +368,11 @@ class XPath(DsBase):
     """The ds:XPath element"""
 
     c_tag = 'XPath'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
-def x_path_from_string(xml_string):
+def xpath_from_string(xml_string):
     """ Create XPath instance from an XML string """
     return create_class_from_xml_string(XPath, xml_string)
 
@@ -381,11 +381,11 @@ class Transform(DsBase):
     """The ds:Transform element"""
 
     c_tag = 'Transform'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['Algorithm'] = 'algorithm'
-    c_children['{%s}XPath' % DS_NAMESPACE] = ('xpath', [XPath])
+    c_children['{%s}XPath' % NAMESPACE] = ('xpath', [XPath])
 
     def __init__(self, xpath=None, algorithm=None, text=None,
                 extension_elements=None, extension_attributes=None):
@@ -411,10 +411,10 @@ class Transforms(DsBase):
     """The ds:Transforms element"""
 
     c_tag = 'Transforms'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
-    c_children['{%s}Transform' % DS_NAMESPACE] = ('transform', [Transform])
+    c_children['{%s}Transform' % NAMESPACE] = ('transform', [Transform])
 
     def __init__(self, transform=None, text=None,
                 extension_elements=None, extension_attributes=None):
@@ -438,12 +438,12 @@ class RetrievalMethod(DsBase):
     """The ds:RetrievalMethod element"""
 
     c_tag = 'RetrievalMethod'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['URI'] = 'uri'
     c_attributes['Type'] = 'type'
-    c_children['{%s}Transforms' % DS_NAMESPACE] = ('transforms', [Transforms])
+    c_children['{%s}Transforms' % NAMESPACE] = ('transforms', [Transforms])
 
     def __init__(self, transforms=None, uri=None, typ=None, text=None,
                 extension_elements=None, extension_attributes=None):
@@ -471,7 +471,7 @@ class Modulus(DsBase):
     """The ds:Modulus element"""
 
     c_tag = 'Modulus'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -484,7 +484,7 @@ class Exponent(DsBase):
     """The ds:Exponent element"""
 
     c_tag = 'Exponent'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -497,11 +497,11 @@ class RSAKeyValue(DsBase):
     """The ds:RSAKeyValue element"""
 
     c_tag = 'RSAKeyValue'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
-    c_children['{%s}Modulus' % DS_NAMESPACE] = ('modulus', Modulus)
+    c_children['{%s}Modulus' % NAMESPACE] = ('modulus', Modulus)
-    c_children['{%s}Exponent' % DS_NAMESPACE] = ('exponent', Exponent)
+    c_children['{%s}Exponent' % NAMESPACE] = ('exponent', Exponent)
     c_child_order = ['modulus', 'exponent']
 
     def __init__(self, modulus=None, exponent=None, text=None,
@@ -528,7 +528,7 @@ class DsP(DsBase):
     """The ds:P element"""
 
     c_tag = 'P'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -541,7 +541,7 @@ class DsQ(DsBase):
     """The ds:Q element"""
 
     c_tag = 'Q'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -554,7 +554,7 @@ class DsG(DsBase):
     """The ds:G element"""
 
     c_tag = 'G'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -567,7 +567,7 @@ class DsY(DsBase):
     """The ds:Y element"""
 
     c_tag = 'Y'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -580,7 +580,7 @@ class DsJ(DsBase):
     """The ds:J element"""
 
     c_tag = 'J'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -593,7 +593,7 @@ class Seed(DsBase):
     """The ds:Seed element"""
 
     c_tag = 'Seed'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -606,7 +606,7 @@ class PgenCounter(DsBase):
     """The ds:PgenCounter element"""
 
     c_tag = 'PgenCounter'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -619,16 +619,16 @@ class DSAKeyValue(DsBase):
     """The ds:DSAKeyValue element"""
 
     c_tag = 'DSAKeyValue'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
-    c_children['{%s}P' % DS_NAMESPACE] = ('p', DsP)
+    c_children['{%s}P' % NAMESPACE] = ('p', DsP)
-    c_children['{%s}Q' % DS_NAMESPACE] = ('q', DsQ)
+    c_children['{%s}Q' % NAMESPACE] = ('q', DsQ)
-    c_children['{%s}G' % DS_NAMESPACE] = ('g', DsG)
+    c_children['{%s}G' % NAMESPACE] = ('g', DsG)
-    c_children['{%s}Y' % DS_NAMESPACE] = ('y', DsY)
+    c_children['{%s}Y' % NAMESPACE] = ('y', DsY)
-    c_children['{%s}J' % DS_NAMESPACE] = ('j', DsJ)
+    c_children['{%s}J' % NAMESPACE] = ('j', DsJ)
-    c_children['{%s}Seed' % DS_NAMESPACE] = ('seed', Seed)
+    c_children['{%s}Seed' % NAMESPACE] = ('seed', Seed)
-    c_children['{%s}PgenCounter' % DS_NAMESPACE] = ('pgen_counter', PgenCounter)
+    c_children['{%s}PgenCounter' % NAMESPACE] = ('pgen_counter', PgenCounter)
 
     c_child_order = ['p', 'q', 'g', 'y', 'j', 'seed', 'pgen_counter']
 
@@ -667,12 +667,12 @@ class KeyValue(DsBase):
     """The ds:KeyValue element"""
 
     c_tag = 'KeyValue'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
-    c_children['{%s}RSAKeyValue' % DS_NAMESPACE] = ('rsa_key_value', 
+    c_children['{%s}RSAKeyValue' % NAMESPACE] = ('rsa_key_value', 
                                                     RSAKeyValue)
-    c_children['{%s}DSAKeyValue' % DS_NAMESPACE] = ('dsa_key_value', 
+    c_children['{%s}DSAKeyValue' % NAMESPACE] = ('dsa_key_value', 
                                                     DSAKeyValue)
 
     c_child_order = ['rsa_key_value', 'dsa_key_value']
@@ -701,7 +701,7 @@ class KeyName(DsBase):
     """The ds:KeyName element"""
 
     c_tag = 'KeyName'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -714,18 +714,18 @@ class KeyInfo(DsBase):
     """The ds:KeyInfo element"""
 
     c_tag = 'KeyInfo'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['Id'] = "identifier"
-    c_children['{%s}KeyName' % DS_NAMESPACE] = ('key_name', [KeyName])
+    c_children['{%s}KeyName' % NAMESPACE] = ('key_name', [KeyName])
-    c_children['{%s}KeyValue' % DS_NAMESPACE] = ('key_value', [KeyValue])
+    c_children['{%s}KeyValue' % NAMESPACE] = ('key_value', [KeyValue])
-    c_children['{%s}RetrievalMethod' % DS_NAMESPACE] = (
+    c_children['{%s}RetrievalMethod' % NAMESPACE] = (
         'retrieval_method', [RetrievalMethod])
-    c_children['{%s}X509Data' % DS_NAMESPACE] = ('x509_data', [X509Data])
+    c_children['{%s}X509Data' % NAMESPACE] = ('x509_data', [X509Data])
-    c_children['{%s}PGPData' % DS_NAMESPACE] = ('pgp_data', [PGPData])
+    c_children['{%s}PGPData' % NAMESPACE] = ('pgp_data', [PGPData])
-    c_children['{%s}SPKIData' % DS_NAMESPACE] = ('spki_data', [SPKIData])
+    c_children['{%s}SPKIData' % NAMESPACE] = ('spki_data', [SPKIData])
-    c_children['{%s}MgmtData' % DS_NAMESPACE] = ('mgmt_data', [MgmtData])
+    c_children['{%s}MgmtData' % NAMESPACE] = ('mgmt_data', [MgmtData])
 
     c_child_order = ['key_name', 'key_value', 'retrieval_method', 'x509_data',
                     'pgp_data', 'spki_data', 'mgmt_data']
@@ -768,7 +768,7 @@ class DigestValue(DsBase):
     """The ds:DigestValue element"""
 
     c_tag = 'DigestValue'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -781,7 +781,7 @@ class DigestMethod(DsBase):
     """The ds:DigestMethod element"""
 
     c_tag = 'DigestMethod'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['Algorithm'] = "algorithm"
@@ -808,16 +808,16 @@ class Reference(DsBase):
     """The ds:Reference element"""
 
     c_tag = 'Reference'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['Id'] = "identifier"
     c_attributes['URI'] = "uri"
     c_attributes['Type'] = "type"
-    c_children['{%s}Transforms' % DS_NAMESPACE] = ('transforms', [Transforms])
+    c_children['{%s}Transforms' % NAMESPACE] = ('transforms', [Transforms])
-    c_children['{%s}DigestMethod' % DS_NAMESPACE] = (
+    c_children['{%s}DigestMethod' % NAMESPACE] = (
         'digest_method', [DigestMethod])
-    c_children['{%s}DigestValue' % DS_NAMESPACE] = ('digest_value', 
+    c_children['{%s}DigestValue' % NAMESPACE] = ('digest_value', 
                                                     [DigestValue])
     c_child_order = ['transforms', 'digest_method', 'digest_value']
 
@@ -855,7 +855,7 @@ class HMACOutputLength(DsBase):
     """The ds:HMACOutputLength element"""
 
     c_tag = 'HMACOutputLength'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
 
@@ -868,11 +868,11 @@ class SignatureMethod(DsBase):
     """The ds:SignatureMethod element"""
 
     c_tag = 'SignatureMethod'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['Algorithm'] = "algorithm"
-    c_children['{%s}HMACOutputLength' % DS_NAMESPACE] = (
+    c_children['{%s}HMACOutputLength' % NAMESPACE] = (
         'hmac_output_length', HMACOutputLength)
 
     def __init__(self, algorithm=None, hmac_output_length=None, text=None,
@@ -899,7 +899,7 @@ class CanonicalizationMethod(DsBase):
     """The ds:CanonicalizationMethod element"""
 
     c_tag = 'CanonicalizationMethod'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['Algorithm'] = "algorithm"
@@ -926,15 +926,15 @@ class SignedInfo(DsBase):
     """The ds:SignedInfo element"""
 
     c_tag = 'SignedInfo'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['Id'] = "identifier"
-    c_children['{%s}CanonicalizationMethod' % DS_NAMESPACE] = (
+    c_children['{%s}CanonicalizationMethod' % NAMESPACE] = (
         'canonicalization_method', CanonicalizationMethod)
-    c_children['{%s}SignatureMethod' % DS_NAMESPACE] = (
+    c_children['{%s}SignatureMethod' % NAMESPACE] = (
         'signature_method', SignatureMethod)
-    c_children['{%s}Reference' % DS_NAMESPACE] = ('reference', [Reference])
+    c_children['{%s}Reference' % NAMESPACE] = ('reference', [Reference])
     c_child_order = ['canonicalization_method', 'signature_method',
                                     'reference']
 
@@ -967,7 +967,7 @@ class SignatureValue(DsBase):
     """The ds:SignatureValue element"""
 
     c_tag = 'SignatureValue'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['Id'] = "identifier"
@@ -995,15 +995,15 @@ class Signature(DsBase):
     """The ds:Signature element"""
 
     c_tag = 'Signature'
-    c_namespace = DS_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = DsBase.c_children.copy()
     c_attributes = DsBase.c_attributes.copy()
     c_attributes['Id'] = "identifier"
-    c_children['{%s}SignedInfo' % DS_NAMESPACE] = ('signed_info', SignedInfo)
+    c_children['{%s}SignedInfo' % NAMESPACE] = ('signed_info', SignedInfo)
-    c_children['{%s}SignatureValue' % DS_NAMESPACE] = (
+    c_children['{%s}SignatureValue' % NAMESPACE] = (
         'signature_value', SignatureValue)
-    c_children['{%s}KeyInfo' % DS_NAMESPACE] = ('key_info', KeyInfo)
+    c_children['{%s}KeyInfo' % NAMESPACE] = ('key_info', KeyInfo)
-    c_children['{%s}Object' % DS_NAMESPACE] = ('object', [Object])
+    c_children['{%s}Object' % NAMESPACE] = ('object', [Object])
     c_child_order = ["signed_info", "signature_value", "key_info", "object"]
 
     def __init__(self, identifier=None, signed_info=None, signature_value=None,
@@ -1056,3 +1056,48 @@ def get_empty_signature(canonicalization_method_algorithm=C14N_WITH_C,
                             key_info=KeyInfo(key_value=KeyValue()))
     return signature
 
+
+ELEMENT_FROM_STRING = {
+    Object.c_tag: object_from_string,
+    MgmtData.c_tag: mgmt_data_from_string,
+    SPKISexp.c_tag: spki_sexp_from_string,
+    SPKIData.c_tag: spki_data_from_string,
+    PGPKeyID.c_tag: pgp_key_id_from_string,
+    PGPKeyPacket.c_tag: pgp_key_packet_from_string,
+    PGPData.c_tag: pgp_data_from_string,
+    X509IssuerName.c_tag: x509_issuer_name_from_string,
+    X509IssuerNumber.c_tag: x509_issuer_number_from_string,
+    X509IssuerSerial.c_tag: x509_issuer_serial_from_string,
+    X509SKI.c_tag: x509_ski_from_string,
+    X509SubjectName.c_tag: x509_subject_name_from_string,
+    X509Certificate.c_tag: x509_certificate_from_string,
+    X509CRL.c_tag: x509_crl_from_string,
+    X509Data.c_tag: x509_data_from_string,
+    XPath.c_tag: xpath_from_string,
+    Transform.c_tag: transform_from_string,
+    Transforms.c_tag: transforms_from_string,
+    RetrievalMethod.c_tag: retrieval_method_from_string,
+    Modulus.c_tag: modulus_from_string,
+    Exponent.c_tag: exponent_from_string,
+    RSAKeyValue.c_tag: rsa_key_value_from_string,
+    DsP.c_tag: p_from_string,
+    DsQ.c_tag: q_from_string,
+    DsG.c_tag: g_from_string,
+    DsY.c_tag: y_from_string,
+    DsJ.c_tag: j_from_string,
+    Seed.c_tag: seed_from_string,
+    PgenCounter.c_tag: pgen_counter_from_string,
+    DSAKeyValue.c_tag: dsa_key_value_from_string,
+    KeyValue.c_tag: key_value_from_string,
+    KeyName.c_tag: key_name_from_string,
+    KeyInfo.c_tag: key_info_from_string,
+    DigestValue.c_tag: digest_value_from_string,
+    DigestMethod.c_tag: digest_method_from_string,
+    Reference.c_tag: reference_from_string,
+    HMACOutputLength.c_tag: hmac_output_length_from_string,
+    SignatureMethod.c_tag: signature_method_from_string,
+    CanonicalizationMethod.c_tag: canonicalization_method_from_string,
+    SignedInfo.c_tag: signed_info_from_string,
+    SignatureValue.c_tag: signature_value_from_string,
+    Signature.c_tag: signature_from_string,
+}

src/xmlenc/__init__.py

@@ -37,8 +37,8 @@ from saml2 import create_class_from_xml_string
 
 import xmldsig as ds
 
-ENC_NAMESPACE = 'http://www.w3.org/2001/04/xmlenc#'
+NAMESPACE = 'http://www.w3.org/2001/04/xmlenc#'
-ENC_TEMPLATE = '{http://www.w3.org/2001/04/xmlenc#}%s'
+#TEMPLATE = '{http://www.w3.org/2001/04/xmlenc#}%s'
 
 class EncBase(saml2.SamlBase):
     """The enc:EncBase element"""
@@ -53,7 +53,7 @@ class EncBase(saml2.SamlBase):
 class KeySize(EncBase):
 
     c_tag = 'KeySize'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
 
@@ -68,7 +68,7 @@ def key_size_from_string(xml_string):
 class OAEPparams(EncBase):
 
     c_tag = 'OAEPparams'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
 
@@ -84,13 +84,13 @@ class EncryptionMethod(EncBase):
     """The enc:EncryptionMethod element"""
 
     c_tag = 'EncryptionMethod'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
     c_attributes['Algorithm'] = 'algorithm'
-    c_children['{%s}KeySize' % ENC_NAMESPACE] = (
+    c_children['{%s}KeySize' % NAMESPACE] = (
         'key_size', [KeySize])
-    c_children['{%s}OAEPparams' % ENC_NAMESPACE] = (
+    c_children['{%s}OAEPparams' % NAMESPACE] = (
         'oaep_params', [OAEPparams])
 
     def __init__(self, algorithm=None, key_size=None, oaep_params=None,
@@ -122,7 +122,7 @@ def encryption_method_from_string(xml_string):
 class CipherValue(EncBase):
 
     c_tag = 'CipherValue'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
 
@@ -139,10 +139,10 @@ def cipher_value_from_string(xml_string):
 class Transforms(EncBase):
 
     c_tag = 'Transforms'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
-    c_children['{%s}Transform' % ds.DS_NAMESPACE] = (
+    c_children['{%s}Transform' % ds.NAMESPACE] = (
         'transform', [ds.Transform])
 
     def __init__(self, transform=None,
@@ -170,11 +170,11 @@ def transforms_from_string(xml_string):
 class CipherReference(EncBase):
 
     c_tag = 'CipherReference'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
     c_attributes['URI'] = 'uri'    
-    c_children['{%s}Transforms' % ENC_NAMESPACE] = (
+    c_children['{%s}Transforms' % NAMESPACE] = (
         'transforms', [Transforms])
     
     def __init__(self, uri=None, transforms=None, 
@@ -205,12 +205,12 @@ class CipherData(EncBase):
     """The enc:CipherData element"""
 
     c_tag = 'CipherData'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
-    c_children['{%s}CipherValue' % ENC_NAMESPACE] = (
+    c_children['{%s}CipherValue' % NAMESPACE] = (
         'cipher_value', [CipherValue])
-    c_children['{%s}CipherReference' % ENC_NAMESPACE] = (
+    c_children['{%s}CipherReference' % NAMESPACE] = (
         'cipher_reference', [CipherReference])
     c_child_order = ['cipher_value', 'cipher_reference']
 
@@ -231,6 +231,10 @@ class CipherData(EncBase):
         self.cipher_value = cipher_value
         self.cipher_reference = cipher_reference
 
+def cipher_data_from_string(xml_string):
+    """ Create CipherData instance from an XML string """
+    return create_class_from_xml_string(CipherData, xml_string)
+
 # ---------------------------------------------------------------------------
 # EncryptionProperty
 # ---------------------------------------------------------------------------
@@ -238,7 +242,7 @@ class CipherData(EncBase):
 class EncryptionProperty(EncBase):
 
     c_tag = 'EncryptionProperty'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
     c_attributes['Target'] = 'target'
@@ -271,11 +275,11 @@ def encryption_property_from_string(xml_string):
 class EncryptionProperties(EncBase):
 
     c_tag = 'EncryptionProperties'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
     c_attributes['Id'] = 'identifier'
-    c_children['{%s}EncryptionProperty' % ENC_NAMESPACE] = (
+    c_children['{%s}EncryptionProperty' % NAMESPACE] = (
         'encryption_property', [EncryptionProperty])
 
     def __init__(self, identifier=None, encryption_property=None, 
@@ -306,20 +310,20 @@ class EncryptedType(EncBase):
     """The enc:EncryptedType element"""
 
     c_tag = 'EncryptedType'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
     c_attributes['Id'] = 'identifier'
     c_attributes['Type'] = 'typ'
     c_attributes['MimeType'] = 'mime_type'
     c_attributes['Encoding'] = 'encoding'
-    c_children['{%s}EncryptionMethod' % ENC_NAMESPACE] = (
+    c_children['{%s}EncryptionMethod' % NAMESPACE] = (
         'encryption_method', [EncryptionMethod])
-    c_children['{%s}KeyInfo' % ds.DS_NAMESPACE] = (
+    c_children['{%s}KeyInfo' % ds.NAMESPACE] = (
         'key_info', [ds.KeyInfo])
-    c_children['{%s}CipherData' % ENC_NAMESPACE] = (
+    c_children['{%s}CipherData' % NAMESPACE] = (
         'cipher_data', [CipherData])
-    c_children['{%s}EncryptionProperties' % ENC_NAMESPACE] = (
+    c_children['{%s}EncryptionProperties' % NAMESPACE] = (
         'encryption_properties', [EncryptionProperties])
     c_child_order = ['encryption_method', 'key_info',
                     'cipher_data','encryption_properties']
@@ -366,7 +370,7 @@ class EncryptedData(EncryptedType):
     """The enc:EncryptedData element"""
 
     c_tag = 'EncryptedData'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncryptedType.c_children.copy()
     c_attributes = EncryptedType.c_attributes.copy()
 
@@ -381,7 +385,7 @@ def encrypted_data_from_string(xml_string):
 class ReferenceType(EncBase):
 
     c_tag = 'ReferenceType'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
     c_attributes['URI'] = 'uri'
@@ -411,10 +415,14 @@ def reference_type_from_string(xml_string):
 class DataReference(ReferenceType):
 
     c_tag = 'DataReference'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = ReferenceType.c_children.copy()
     c_attributes = ReferenceType.c_attributes.copy()
 
+def data_reference_from_string(xml_string):
+    """ Create DataReference instance from an XML string """
+    return create_class_from_xml_string(DataReference, xml_string)
+
 # ---------------------------------------------------------------------------
 # KeyReference
 # ---------------------------------------------------------------------------
@@ -422,10 +430,14 @@ class DataReference(ReferenceType):
 class KeyReference(ReferenceType):
 
     c_tag = 'KeyReference'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = ReferenceType.c_children.copy()
     c_attributes = ReferenceType.c_attributes.copy()
 
+def key_reference_from_string(xml_string):
+    """ Create KeyReference instance from an XML string """
+    return create_class_from_xml_string(KeyReference, xml_string)
+
 # ---------------------------------------------------------------------------
 # ReferenceList
 # ---------------------------------------------------------------------------
@@ -433,12 +445,12 @@ class KeyReference(ReferenceType):
 class ReferenceList(EncBase):
 
     c_tag = 'ReferenceList'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
-    c_children['{%s}DataReference' % ENC_NAMESPACE] = (
+    c_children['{%s}DataReference' % NAMESPACE] = (
         'data_reference', [DataReference])
-    c_children['{%s}KeyReference' % ENC_NAMESPACE] = (
+    c_children['{%s}KeyReference' % NAMESPACE] = (
         'key_reference', [KeyReference])
 
     def __init__(self, data_reference=None, key_reference=None, 
@@ -468,7 +480,7 @@ def reference_list_from_string(xml_string):
 class CarriedKeyName(EncBase):
 
     c_tag = 'CarriedKeyName'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncBase.c_children.copy()
     c_attributes = EncBase.c_attributes.copy()
 
@@ -484,13 +496,13 @@ class EncryptedKey(EncryptedType):
     """The enc:EncryptedKey element"""
 
     c_tag = 'EncryptedKey'
-    c_namespace = ENC_NAMESPACE
+    c_namespace = NAMESPACE
     c_children = EncryptedType.c_children.copy()
     c_attributes = EncryptedType.c_attributes.copy()
     c_attributes['Recipient'] = 'recipient'
-    c_children['{%s}ReferenceList' % ENC_NAMESPACE] = (
+    c_children['{%s}ReferenceList' % NAMESPACE] = (
         'reference_list', [ReferenceList])
-    c_children['{%s}CarriedKeyName' % ENC_NAMESPACE] = (
+    c_children['{%s}CarriedKeyName' % NAMESPACE] = (
         'carried_key_name', [CarriedKeyName])
 
     def __init__(self, recipient=None, reference_list=None, 
@@ -529,3 +541,22 @@ def encrypted_key_from_string(xml_string):
     """ Create EncryptedKey instance from an XML string """
     return create_class_from_xml_string(EncryptedKey, xml_string)
 
+ELEMENT_TO_STRING = {
+    KeySize: key_size_from_string,
+    OAEPparams: oaep_params_from_string,
+    EncryptionMethod: encryption_method_from_string,
+    CipherValue: cipher_value_from_string,
+    Transforms: transforms_from_string,
+    CipherReference: cipher_reference_from_string,
+    CipherData: cipher_data_from_string,
+    EncryptionProperty: encryption_property_from_string,
+    EncryptionProperties: encryption_properties_from_string,
+    EncryptedType: encrypted_type_from_string,
+    EncryptedData: encrypted_data_from_string,
+    ReferenceType: reference_type_from_string,
+    DataReference: data_reference_from_string,
+    KeyReference: key_reference_from_string,
+    ReferenceList: reference_list_from_string,
+    CarriedKeyName: carried_key_name_from_string,
+    EncryptedKey: encrypted_key_from_string,
+}