pyXMLSecurity


NamepyXMLSecurity JSON
Version 1.0.0 PyPI version JSON
download
home_pagehttp://blogs.mnt.se
Summarypure Python XML Security
upload_time2023-08-24 12:13:01
maintainer
docs_urlNone
authorLeif Johansson
requires_python
licenseBSD
keywords xml xml-dsig security digital signature rsa
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            python XML Security
===================

.. image:: https://img.shields.io/travis/IdentityPython/pyXMLSecurity.svg
   :target: https://travis-ci.org/IdentityPython/pyXMLSecurity
   :alt: Travis Build
.. image:: https://img.shields.io/coveralls/IdentityPython/pyXMLSecurity.svg
   :target: https://coveralls.io/r/IdentityPython/pyXMLSecurity?branch=master
   :alt: Coverage
.. image:: https://api.codeclimate.com/v1/badges/a99a88d28ad37a79dbf6/test_coverage
   :target: https://codeclimate.com/github/codeclimate/codeclimate/test_coverage
   :alt: Test Coverage
.. image:: https://api.codeclimate.com/v1/badges/a99a88d28ad37a79dbf6/maintainability
   :target: https://codeclimate.com/github/codeclimate/codeclimate/maintainability
   :alt: Maintainability
.. image:: https://img.shields.io/pypi/l/pyXMLSecurity.svg
   :target: https://github.com/IdentityPython/pyXMLSecurity/blob/master/LICENSE.txt
   :alt: License
.. image:: https://img.shields.io/pypi/format/pyXMLSecurity.svg
   :target: https://pypi.python.org/pypi/pyXMLSecurity
   :alt: Format
.. image:: https://img.shields.io/pypi/v/pyXMLSecurity.svg
   :target: https://pypi.python.org/pypi/pyXMLSecurity
   :alt: PyPI Version

This is a python implementation of XML-Security - XML-DSIG only right now. There are no
dependencies except lxml and pyca/cryptography currently.

This code was inspired by https://github.com/andrewdyates/xmldsig (this implementation is
a refactor and extension of that implementation) and in former versions used to include a
pure-python RSA implementation https://github.com/andrewdyates/rsa_x509_pem by and with
permission from Andrew Yates. Cryptographic primitives are now provided by
pyca/cryptography (https://cryptography.io).

In order to sign with a PKCS#11-module you need to install pykcs11 (http://www.bit4id.org/pykcs11/)

This package is available under the NORDUnet BSD license (cf LICENSE.txt)

Limitations:

- only support for RSA-SHA1/256/512 signatures with PKCS1.5 padding
- no encryption support

Some of those limitations might be addressed. Patches and pull-requests are most welcome!


News
====

0.1
---

*Release date: UNRELEASED*

* This is the first unreleased version of the code
* http://github.com/leifj/pyXMLSecurity

0.2
---

*Release date: Mon Aug 27 12:42:45 CEST 2012*

* more rubust algorithm uri parsing
* support for "#"-style IDs
* partial support for <Transform/> elts with child-elements
* make all exceptions an XMLSecException
* first draft: sign
* various cleanups

0.3
---

*Release date: Tue Aug 28 09:46:47 CEST 2012*

* handle #-style references (remove top-level comments and PIs)
* don't unescape &amp; &lt; and &gt;
* don't give empty inclusive ns prefix list to c14n
* move exception to separate file
* first version of the pkcs11 shim layer

0.4
---

*Release date: Wed Aug 29 12:43:05 CEST 2012*

* starting on tests
* cleanup pkcs11 layer
* various bugfixes and cleanup

0.5
---

*Release date: Wed Sep  5 11:52:58 CEST 2012*

* Fix bug when signing using non-p11 keys
* More robust PEM-unfolding

0.6
---

*Release date: Fri Nov 30 10:29:03 CET 2012*

* Allow Reference@URI to be passed as argument

0.7
---

*Release date: Mon Feb  4 15:53:32 CET 2013*

* Minor fixes

0.8
---

*Release date: Wed Apr  3 09:05:53 CEST 2013*

* Multiple bugfixes
* More SAML and P11 testcases

0.9
---

*Release date: Mon Jun 24 11:24:20 CEST 2013*

* Bugfixes
* Protection against wrapping attacks (new API!)

0.10
------

*Release date: Thu Sep 12 20:16:04 CEST 2013*

* fix PEM parser bug
* switch to semantic versioning

0.11
------

*Release date: Fri Oct 11 17:06:53 CEST 2013*

* better control over the position of the signature element

0.12
----

*Release date: Wed Dec  4 15:00:29 CET 2013*

* use pyconfig to control configuration parameters
* support sha2 algorithms
* several bugfixes for c14n

0.13
----

*Release date: lör 22 mar 2014 10:44:49 CET*

* various unicode fixes related to pkcs#11
* skip certain tests unless opensc is installed
* use existing SignatureValue if present
* various fixes from Fredrik T and Maya W

0.14
----

*Release date: Mon Dec  1 08:58:54 CET 2014*

* Add explicit call to C_Initialize
* Various bugs fixed - from Fredrik T
* Allow caller control over session close

0.15
----

*Release date: mån 16 nov 2015 13:40:26 CET*

* xmlsign: a simple sign cmdline tool
* optionally drop signatures when validating
* avoid logging keysize in p11 case
* put a lock around pyasn1 parser
* make cert loading thread safe
* bugfixes

0.16
----

*Release ons 13 dec 2017 21:10:29 CET*

* crypto abstraction
* switch to sha256 default
* verify and sign cmdline tools
* lots of bugfixes

0.17
----

*Release tor 14 dec 2017 12:27:48 CET*

* fix base64 bug
* fix bug in cmdline verify serialization

0.18
----

*Release fre 25 maj 2018 19:43:54 CEST*

* fix verification bug affecting sha512

0.19
----

*Release tis 22 jan 2019 13:53:49 CET*

* python3 compatibility
* fix private key leak issue
* P11 fixes
* test improvements

0.20
----
*Release tis 10 sep 2019 19:41:58 CEST*

* more p3 compat

0.21
----
*Release ons 19 feb 2020 16:21:05 CET*

* add cmdline arg for setting position of signature in xmlsign tool

0.30
----
*Release ons 28 Feb 2023 16:51:25 CET*

* add support for non-RSA and non-PKCS1 v1.5 padding
* improved logging
* drop python3
* fix for mgf1 verification
* avoid tripping up on missing fingerprints - validate over all signatures
* correct import for MutableMapping

1.0.0
-----
*Release tor 24 aug 2023 14:08:17 CEST*

* support for PKIX chain validation for XML signatures
* support for python 3.10
* start using semantic versioning



            

Raw data

            {
    "_id": null,
    "home_page": "http://blogs.mnt.se",
    "name": "pyXMLSecurity",
    "maintainer": "",
    "docs_url": null,
    "requires_python": "",
    "maintainer_email": "",
    "keywords": "xml xml-dsig security digital signature rsa",
    "author": "Leif Johansson",
    "author_email": "leifj@sunet.se",
    "download_url": "https://files.pythonhosted.org/packages/4c/37/f1f50c2bb840d97490b45f3fb658ec489d5dacc4d7c9630b67bb380cb748/pyXMLSecurity-1.0.0.tar.gz",
    "platform": null,
    "description": "python XML Security\n===================\n\n.. image:: https://img.shields.io/travis/IdentityPython/pyXMLSecurity.svg\n   :target: https://travis-ci.org/IdentityPython/pyXMLSecurity\n   :alt: Travis Build\n.. image:: https://img.shields.io/coveralls/IdentityPython/pyXMLSecurity.svg\n   :target: https://coveralls.io/r/IdentityPython/pyXMLSecurity?branch=master\n   :alt: Coverage\n.. image:: https://api.codeclimate.com/v1/badges/a99a88d28ad37a79dbf6/test_coverage\n   :target: https://codeclimate.com/github/codeclimate/codeclimate/test_coverage\n   :alt: Test Coverage\n.. image:: https://api.codeclimate.com/v1/badges/a99a88d28ad37a79dbf6/maintainability\n   :target: https://codeclimate.com/github/codeclimate/codeclimate/maintainability\n   :alt: Maintainability\n.. image:: https://img.shields.io/pypi/l/pyXMLSecurity.svg\n   :target: https://github.com/IdentityPython/pyXMLSecurity/blob/master/LICENSE.txt\n   :alt: License\n.. image:: https://img.shields.io/pypi/format/pyXMLSecurity.svg\n   :target: https://pypi.python.org/pypi/pyXMLSecurity\n   :alt: Format\n.. image:: https://img.shields.io/pypi/v/pyXMLSecurity.svg\n   :target: https://pypi.python.org/pypi/pyXMLSecurity\n   :alt: PyPI Version\n\nThis is a python implementation of XML-Security - XML-DSIG only right now. There are no\ndependencies except lxml and pyca/cryptography currently.\n\nThis code was inspired by https://github.com/andrewdyates/xmldsig (this implementation is\na refactor and extension of that implementation) and in former versions used to include a\npure-python RSA implementation https://github.com/andrewdyates/rsa_x509_pem by and with\npermission from Andrew Yates. Cryptographic primitives are now provided by\npyca/cryptography (https://cryptography.io).\n\nIn order to sign with a PKCS#11-module you need to install pykcs11 (http://www.bit4id.org/pykcs11/)\n\nThis package is available under the NORDUnet BSD license (cf LICENSE.txt)\n\nLimitations:\n\n- only support for RSA-SHA1/256/512 signatures with PKCS1.5 padding\n- no encryption support\n\nSome of those limitations might be addressed. Patches and pull-requests are most welcome!\n\n\nNews\n====\n\n0.1\n---\n\n*Release date: UNRELEASED*\n\n* This is the first unreleased version of the code\n* http://github.com/leifj/pyXMLSecurity\n\n0.2\n---\n\n*Release date: Mon Aug 27 12:42:45 CEST 2012*\n\n* more rubust algorithm uri parsing\n* support for \"#\"-style IDs\n* partial support for <Transform/> elts with child-elements\n* make all exceptions an XMLSecException\n* first draft: sign\n* various cleanups\n\n0.3\n---\n\n*Release date: Tue Aug 28 09:46:47 CEST 2012*\n\n* handle #-style references (remove top-level comments and PIs)\n* don't unescape &amp; &lt; and &gt;\n* don't give empty inclusive ns prefix list to c14n\n* move exception to separate file\n* first version of the pkcs11 shim layer\n\n0.4\n---\n\n*Release date: Wed Aug 29 12:43:05 CEST 2012*\n\n* starting on tests\n* cleanup pkcs11 layer\n* various bugfixes and cleanup\n\n0.5\n---\n\n*Release date: Wed Sep  5 11:52:58 CEST 2012*\n\n* Fix bug when signing using non-p11 keys\n* More robust PEM-unfolding\n\n0.6\n---\n\n*Release date: Fri Nov 30 10:29:03 CET 2012*\n\n* Allow Reference@URI to be passed as argument\n\n0.7\n---\n\n*Release date: Mon Feb  4 15:53:32 CET 2013*\n\n* Minor fixes\n\n0.8\n---\n\n*Release date: Wed Apr  3 09:05:53 CEST 2013*\n\n* Multiple bugfixes\n* More SAML and P11 testcases\n\n0.9\n---\n\n*Release date: Mon Jun 24 11:24:20 CEST 2013*\n\n* Bugfixes\n* Protection against wrapping attacks (new API!)\n\n0.10\n------\n\n*Release date: Thu Sep 12 20:16:04 CEST 2013*\n\n* fix PEM parser bug\n* switch to semantic versioning\n\n0.11\n------\n\n*Release date: Fri Oct 11 17:06:53 CEST 2013*\n\n* better control over the position of the signature element\n\n0.12\n----\n\n*Release date: Wed Dec  4 15:00:29 CET 2013*\n\n* use pyconfig to control configuration parameters\n* support sha2 algorithms\n* several bugfixes for c14n\n\n0.13\n----\n\n*Release date: l\u00f6r 22 mar 2014 10:44:49 CET*\n\n* various unicode fixes related to pkcs#11\n* skip certain tests unless opensc is installed\n* use existing SignatureValue if present\n* various fixes from Fredrik T and Maya W\n\n0.14\n----\n\n*Release date: Mon Dec  1 08:58:54 CET 2014*\n\n* Add explicit call to C_Initialize\n* Various bugs fixed - from Fredrik T\n* Allow caller control over session close\n\n0.15\n----\n\n*Release date: m\u00e5n 16 nov 2015 13:40:26 CET*\n\n* xmlsign: a simple sign cmdline tool\n* optionally drop signatures when validating\n* avoid logging keysize in p11 case\n* put a lock around pyasn1 parser\n* make cert loading thread safe\n* bugfixes\n\n0.16\n----\n\n*Release ons 13 dec 2017 21:10:29 CET*\n\n* crypto abstraction\n* switch to sha256 default\n* verify and sign cmdline tools\n* lots of bugfixes\n\n0.17\n----\n\n*Release tor 14 dec 2017 12:27:48 CET*\n\n* fix base64 bug\n* fix bug in cmdline verify serialization\n\n0.18\n----\n\n*Release fre 25 maj 2018 19:43:54 CEST*\n\n* fix verification bug affecting sha512\n\n0.19\n----\n\n*Release tis 22 jan 2019 13:53:49 CET*\n\n* python3 compatibility\n* fix private key leak issue\n* P11 fixes\n* test improvements\n\n0.20\n----\n*Release tis 10 sep 2019 19:41:58 CEST*\n\n* more p3 compat\n\n0.21\n----\n*Release ons 19 feb 2020 16:21:05 CET*\n\n* add cmdline arg for setting position of signature in xmlsign tool\n\n0.30\n----\n*Release ons 28 Feb 2023 16:51:25 CET*\n\n* add support for non-RSA and non-PKCS1 v1.5 padding\n* improved logging\n* drop python3\n* fix for mgf1 verification\n* avoid tripping up on missing fingerprints - validate over all signatures\n* correct import for MutableMapping\n\n1.0.0\n-----\n*Release tor 24 aug 2023 14:08:17 CEST*\n\n* support for PKIX chain validation for XML signatures\n* support for python 3.10\n* start using semantic versioning\n\n\n",
    "bugtrack_url": null,
    "license": "BSD",
    "summary": "pure Python XML Security",
    "version": "1.0.0",
    "project_urls": {
        "Homepage": "http://blogs.mnt.se"
    },
    "split_keywords": [
        "xml",
        "xml-dsig",
        "security",
        "digital",
        "signature",
        "rsa"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "4c37f1f50c2bb840d97490b45f3fb658ec489d5dacc4d7c9630b67bb380cb748",
                "md5": "bf992eb86dbc169e5f7fa94115014008",
                "sha256": "03398d6c7eef462410c7133d0b8861d721f67678f6a66f45090aba26806d76a3"
            },
            "downloads": -1,
            "filename": "pyXMLSecurity-1.0.0.tar.gz",
            "has_sig": false,
            "md5_digest": "bf992eb86dbc169e5f7fa94115014008",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 31342,
            "upload_time": "2023-08-24T12:13:01",
            "upload_time_iso_8601": "2023-08-24T12:13:01.230759Z",
            "url": "https://files.pythonhosted.org/packages/4c/37/f1f50c2bb840d97490b45f3fb658ec489d5dacc4d7c9630b67bb380cb748/pyXMLSecurity-1.0.0.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2023-08-24 12:13:01",
    "github": false,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "lcname": "pyxmlsecurity"
}
        
Elapsed time: 0.11327s