pyxmldsig - a Python module to create and verify XML Digital Signatures (XML-DSig)

pyxmldsig is a Python module to create and verify XML Digital Signatures (XML-DSig). This is a simple interface to the PyXMLSec library, aiming to provide a more pythonic API suitable for Python applications.

This code is inspired from PyXMLSec samples, with a simpler and more pythonic interface.

The current version is still work in progress: several improvements are planned (see TODO section in the source code).

CHANGES:

  • 2010-07-13 v0.05: added new class interface, supports signature verification with several certificates.
  • 2010-05-13 v0.03: first release, simple function interface, signature only.

DOWNLOAD:

see zip file below.

LICENSE:

Copyright (c) 2009-2010, Philippe Lagadec (decalage at laposte dot net)

Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above copyright
notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.

USAGE:

pyxmldsig may be used as a command-line tool or as a module in a Python application.

See this article if you don't already have your own keys and certificates to test pyxmldsig.

Usage as a tool:

pyxmldsig.py <data.xml> -k <key-file.pem> [-c cert-file.pem] [-p password]

Sample usage in a Python application:

import pyxmldsig

# simple function interface:
signed_xml = pyxmldsig.sign_file(template_file='myfile.xml',
    key_file='mykey.pem', cert_file='myx509cert.pem', password='mypassword')
print signed_xml

# sign with class interface:
xdsig = pyxmldsig.Xmldsig(key_file='mykey.pem', cert_file='myx509cert.pem',
    password='mypassword')
signed_xml1 = xdsig.sign_file('myfile.xml')
signed_xml2 = xdsig.sign_file(pyxmldsig.TEMPLATE_WITH_CERT)

# verify with class interface:
xdsig2 = pyxmldsig.Xmldsig()
xdsig2.load_certs(['cacert.pem', 'myx509cert.pem'])
assert xdsig2.verify_xmlstring(signed_xml1) == True
assert xdsig2.verify_xmlstring(signed_xml2) == True

REQUIREMENTS:

Alternatives

AttachmentSize
pyxmldsig-0.03.zip7.13 KB
pyxmldsig-0.05.zip9.22 KB