Skip to main content

xmlenc and xmldsig XML encryption and signing using PGP keys

Project description

Ability to encrypt XML and add XML signatures to documents using PGP keys.

Requires the following python libraries:

  • xmlsec
  • PGPy
  • cryptography

xmlsec_pgp provides a replacement SignatureContext(), EncryptionContext() and KeysManager() which can accept PGPy keys, and can then sign, verify, encrypt and decrypt as normal.

There is also the call xmlsec_pgp.add_pgp_data(key_info_node) to make <PGPData> tags which are filled out with the PGP key ID and PGP public key.

There appear to be very few implementations of this specification, so interoperability testing has been minimal and feedback is welcome.

LibreOffice implements document signing using PGP+xmldsig, but the generated signatures do not appear to verify using this module, or with the xmlsec1 command line tool (and a suitable PEM-encoded public key to bridge the gap). More investigation is required to identify whether the issue is in how libxmlsec handles the document, or whether the LibreOffice document format is incorrecly encoding the signature format, causing a mismatch.

This software is licensed under the MIT license. Please see the accompanying LICENSE file.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for xmlsec_pgp, version 0.3
Filename, size File type Python version Upload date Hashes
Filename, size xmlsec_pgp-0.3.tar.gz (3.6 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page