xmlsec_pgp
Ability to encrypt XML and add XML signatures to documents using PGP keys.
Requires the following python libraries:
- xmlsec
- PGPy
- cryptography
xmlsec_pgp provides a replacement SignatureContext(), EncryptionContext()
and KeysManager() which can accept PGPy keys, and can then sign, verify,
encrypt and decrypt as normal.
There is also the call xmlsec_pgp.add_pgp_data(key_info_node) to make
<PGPData> tags which are filled out with the PGP key ID and PGP public key.
There appear to be very few implementations of this specification, so interoperability testing has been minimal and feedback is welcome.
LibreOffice implements document signing using PGP+xmldsig, but the generated
signatures do not appear to verify using this module, or with the xmlsec1
command line tool (and a suitable PEM-encoded public key to bridge the gap).
More investigation is required to identify whether the issue is in how
libxmlsec handles the document, or whether the LibreOffice document format is
incorrecly encoding the signature format, causing a mismatch.
This software is licensed under the MIT license. Please see the accompanying
LICENSE file.
