pure Python XML Security

Navigation

Verified details

These details have been verified by PyPI
Owner
Maintainers
Avatar for leifj from gravatar.com leifj

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: BSD
  • Author: Leif Johansson
  • Tags xml , xml-dsig , security , digital , signature , rsa
Report project as malware

Project description

python XML Security

This is a python implementation of XML-Security - XML-DSIG only right now. There are no dependencies except lxml currently.

This code was inspired by https://github.com/andrewdyates/xmldsig (this implementation is a refactor and extension of that implementation) and includes a pure-python RSA implementation https://github.com/andrewdyates/rsa_x509_pem by and with permission from Andrew Yates.

In order to sign with a PKCS#11-module you need to install pykcs11 (http://www.bit4id.org/pykcs11/)

This package is available under the NORDUnet BSD license (cf LICENSE.txt)

Limitations:

  • only support for enveloped signatures

  • only support for RSA-SHA1 signatures

  • no encryption support

Some of those limitations might be addressed. Patches and pull-requests are most welcome!

News

0.1

Release date: UNRELEASED

0.2

Release date: Mon Aug 27 12:42:45 CEST 2012

  • more rubust algorithm uri parsing

  • support for “#”-style IDs

  • partial support for <Transform/> elts with child-elements

  • make all exceptions an XMLSecException

  • first draft: sign

  • various cleanups

0.3

Release date: Tue Aug 28 09:46:47 CEST 2012

  • handle #-style references (remove top-level comments and PIs)

  • don’t unescape &amp; &lt; and &gt;

  • don’t give empty inclusive ns prefix list to c14n

  • move exception to separate file

  • first version of the pkcs11 shim layer

0.4

Release date: Wed Aug 29 12:43:05 CEST 2012

  • starting on tests

  • cleanup pkcs11 layer

  • various bugfixes and cleanup

0.5

Release date: Wed Sep 5 11:52:58 CEST 2012

  • Fix bug when signing using non-p11 keys

  • More robust PEM-unfolding

0.6

Release date: Fri Nov 30 10:29:03 CET 2012

0.7

Release date: Mon Feb 4 15:53:32 CET 2013

  • Minor fixes

0.8

Release date: Wed Apr 3 09:05:53 CEST 2013

  • Multiple bugfixes

  • More SAML and P11 testcases

0.9

Release date: Mon Jun 24 11:24:20 CEST 2013

  • Bugfixes

  • Protection against wrapping attacks (new API!)

Project details

Verified details

These details have been verified by PyPI
Owner
Maintainers
Avatar for leifj from gravatar.com leifj

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: BSD
  • Author: Leif Johansson
  • Tags xml , xml-dsig , security , digital , signature , rsa

Release history Release notifications | RSS feed

1.0.0

0.30

0.21

0.20

0.19

0.18

0.17

0.16

0.15

0.14

0.13

0.12

0.11

0.10.0

This version

0.9

0.8

0.7

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyXMLSecurity-0.9.tar.gz (48.6 kB view details)

Uploaded Source

File details

Details for the file pyXMLSecurity-0.9.tar.gz.

File metadata

  • Download URL: pyXMLSecurity-0.9.tar.gz
  • Upload date:
  • Size: 48.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for pyXMLSecurity-0.9.tar.gz
Algorithm Hash digest
SHA256 80657567e17c86c65c06e50e078916ff6c9aa7580833a8224313f8439b51cf9e
MD5 86af2be60f7c05070effb80793e9b54c
BLAKE2b-256 a50b4cf73c743c2693ae7165af3965155793038d5097e14c7a81f0d26ce7ff75

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page