Do NOT collect signature cert from the authn request and use for encryption.

2015-05-25 15:32:31 +02:00
parent e2b0461247
commit b6c8938e7d
1 changed files with 8 additions and 8 deletions
--- a/src/saml2/sigver.py
+++ b/src/saml2/sigver.py
@@ -1070,17 +1070,17 @@ def encrypt_cert_from_item(item):
                                               [pefim, ds])
        if len(_elem) == 1:
            _encrypt_cert = _elem[0].x509_data[0].x509_certificate.text
-        else:
-            certs = cert_from_instance(item)
-            if len(certs) > 0:
-                _encrypt_cert = certs[0]
+        #else:
+        #    certs = cert_from_instance(item)
+        #    if len(certs) > 0:
+        #        _encrypt_cert = certs[0]
    except Exception:
        pass

-    if _encrypt_cert is None:
-        certs = cert_from_instance(item)
-        if len(certs) > 0:
-            _encrypt_cert = certs[0]
+    #if _encrypt_cert is None:
+    #    certs = cert_from_instance(item)
+    #    if len(certs) > 0:
+    #        _encrypt_cert = certs[0]

    if _encrypt_cert is not None:
        if _encrypt_cert.find("-----BEGIN CERTIFICATE-----\n") == -1: