skip to navigation
skip to content

Not Logged In

pyXMLSecurity 0.13

pure Python XML Security

python XML Security

This is a python implementation of XML-Security - XML-DSIG only right now. There are no dependencies except lxml currently.

This code was inspired by https://github.com/andrewdyates/xmldsig (this implementation is a refactor and extension of that implementation) and includes a pure-python RSA implementation https://github.com/andrewdyates/rsa_x509_pem by and with permission from Andrew Yates.

In order to sign with a PKCS#11-module you need to install pykcs11 (http://www.bit4id.org/pykcs11/)

This package is available under the NORDUnet BSD license (cf LICENSE.txt)

Limitations:

  • only support for enveloped signatures
  • only support for RSA-SHA1 signatures
  • no encryption support

Some of those limitations might be addressed. Patches and pull-requests are most welcome!

News

0.1

Release date: UNRELEASED

0.2

Release date: Mon Aug 27 12:42:45 CEST 2012

  • more rubust algorithm uri parsing
  • support for "#"-style IDs
  • partial support for <Transform/> elts with child-elements
  • make all exceptions an XMLSecException
  • first draft: sign
  • various cleanups

0.3

Release date: Tue Aug 28 09:46:47 CEST 2012

  • handle #-style references (remove top-level comments and PIs)
  • don't unescape &amp; &lt; and &gt;
  • don't give empty inclusive ns prefix list to c14n
  • move exception to separate file
  • first version of the pkcs11 shim layer

0.4

Release date: Wed Aug 29 12:43:05 CEST 2012

  • starting on tests
  • cleanup pkcs11 layer
  • various bugfixes and cleanup

0.5

Release date: Wed Sep 5 11:52:58 CEST 2012

  • Fix bug when signing using non-p11 keys
  • More robust PEM-unfolding

0.6

Release date: Fri Nov 30 10:29:03 CET 2012

0.7

Release date: Mon Feb 4 15:53:32 CET 2013

  • Minor fixes

0.8

Release date: Wed Apr 3 09:05:53 CEST 2013

  • Multiple bugfixes
  • More SAML and P11 testcases

0.9

Release date: Mon Jun 24 11:24:20 CEST 2013

  • Bugfixes
  • Protection against wrapping attacks (new API!)

0.10

Release date: Thu Sep 12 20:16:04 CEST 2013

  • fix PEM parser bug
  • switch to semantic versioning

0.11

Release date: Fri Oct 11 17:06:53 CEST 2013

  • better control over the position of the signature element

0.12

Release date: Wed Dec 4 15:00:29 CET 2013

  • use pyconfig to control configuration parameters
  • support sha2 algorithms
  • several bugfixes for c14n

0.13

Release date: lör 22 mar 2014 10:44:49 CET

  • various unicode fixes related to pkcs#11
  • skip certain tests unless opensc is installed
  • use existing SignatureValue if present
  • various fixes from Fredrik T and Maya W
 
File Type Py Version Uploaded on Size
pyXMLSecurity-0.13.tar.gz (md5) Source 2014-03-22 49KB
  • Downloads (All Versions):
  • 18 downloads in the last day
  • 201 downloads in the last week
  • 936 downloads in the last month