git: 8dd2e56b94b7 - main - security/py-signxml: Add py-signxml 4.2.0

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Po-Chuan Hsieh <sunpoet_at_FreeBSD.org>
Date: Sun, 07 Sep 2025 23:10:27 UTC
The branch main has been updated by sunpoet:

URL: https://cgit.FreeBSD.org/ports/commit/?id=8dd2e56b94b75afceae92bf17852e452d00835d3

commit 8dd2e56b94b75afceae92bf17852e452d00835d3
Author:     Po-Chuan Hsieh <sunpoet@FreeBSD.org>
AuthorDate: 2025-09-07 22:21:39 +0000
Commit:     Po-Chuan Hsieh <sunpoet@FreeBSD.org>
CommitDate: 2025-09-07 23:03:08 +0000

    security/py-signxml: Add py-signxml 4.2.0
    
    SignXML is an implementation of the W3C XML Signature standard in Python. This
    standard (also known as "XMLDSig") is used to provide payload security in SAML
    2.0, XAdES, EBICS, and WS-Security, among other uses. The standard is defined in
    the W3C Recommendation XML Signature Syntax and Processing Version 1.1. SignXML
    implements all of the required components of the Version 1.1 standard, and most
    recommended ones. Its features are:
    - Use of a libxml2-based XML parser configured to defend against common XML
      attacks when verifying signatures
    - Extensions to allow signing with and verifying X.509 certificate chains,
      including hostname/CN validation
    - Extensions to sign and verify XAdES signatures
    - Support for exclusive XML canonicalization with inclusive prefixes
      (InclusiveNamespaces PrefixList, required to verify signatures generated by
      some SAML implementations)
    - Modern Python compatibility (3.9-3.13+ and PyPy)
    - Well-supported, portable, reliable dependencies: lxml and cryptography
    - Comprehensive testing (including the XMLDSig interoperability suite) and
      continuous integration
    - Simple interface with useful, ergonomic, and secure defaults (no network
      calls, XSLT or XPath transforms)
    - Compactness, readability, and extensibility
---
 security/Makefile             |  1 +
 security/py-signxml/Makefile  | 25 +++++++++++++++++++++++++
 security/py-signxml/distinfo  |  3 +++
 security/py-signxml/pkg-descr | 21 +++++++++++++++++++++
 4 files changed, 50 insertions(+)

diff --git a/security/Makefile b/security/Makefile
index fbfc8471a1f5..4c01467ae32d 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -1066,6 +1066,7 @@
     SUBDIR += py-securesystemslib
     SUBDIR += py-service-identity
     SUBDIR += py-signedjson
+    SUBDIR += py-signxml
     SUBDIR += py-social-auth-core
     SUBDIR += py-spake2
     SUBDIR += py-ssh-audit
diff --git a/security/py-signxml/Makefile b/security/py-signxml/Makefile
new file mode 100644
index 000000000000..d8b550fa3e56
--- /dev/null
+++ b/security/py-signxml/Makefile
@@ -0,0 +1,25 @@
+PORTNAME=	signxml
+PORTVERSION=	4.2.0
+CATEGORIES=	security python
+MASTER_SITES=	PYPI
+PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
+
+MAINTAINER=	sunpoet@FreeBSD.org
+COMMENT=	Python XML Signature and XAdES library
+WWW=		https://xml-security.github.io/signxml/ \
+		https://github.com/XML-Security/signxml
+
+LICENSE=	APACHE20
+LICENSE_FILE=	${WRKSRC}/LICENSE
+
+BUILD_DEPENDS=	${PYTHON_PKGNAMEPREFIX}hatch-vcs>=0:devel/py-hatch-vcs@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}hatchling>=0:devel/py-hatchling@${PY_FLAVOR}
+RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}certifi>=2023.11.17:security/py-certifi@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}lxml5>=5.2.1<7:devel/py-lxml5@${PY_FLAVOR}
+
+USES=		python
+USE_PYTHON=	autoplist concurrent cryptography pep517
+
+NO_ARCH=	yes
+
+.include <bsd.port.mk>
diff --git a/security/py-signxml/distinfo b/security/py-signxml/distinfo
new file mode 100644
index 000000000000..3e65f43e86b0
--- /dev/null
+++ b/security/py-signxml/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1757120472
+SHA256 (signxml-4.2.0.tar.gz) = 5317b71f682d6b9ebd4a827d564eb43fe8f6edf98030fc30eb629621045441c6
+SIZE (signxml-4.2.0.tar.gz) = 1610974
diff --git a/security/py-signxml/pkg-descr b/security/py-signxml/pkg-descr
new file mode 100644
index 000000000000..b16692a92a68
--- /dev/null
+++ b/security/py-signxml/pkg-descr
@@ -0,0 +1,21 @@
+SignXML is an implementation of the W3C XML Signature standard in Python. This
+standard (also known as "XMLDSig") is used to provide payload security in SAML
+2.0, XAdES, EBICS, and WS-Security, among other uses. The standard is defined in
+the W3C Recommendation XML Signature Syntax and Processing Version 1.1. SignXML
+implements all of the required components of the Version 1.1 standard, and most
+recommended ones. Its features are:
+- Use of a libxml2-based XML parser configured to defend against common XML
+  attacks when verifying signatures
+- Extensions to allow signing with and verifying X.509 certificate chains,
+  including hostname/CN validation
+- Extensions to sign and verify XAdES signatures
+- Support for exclusive XML canonicalization with inclusive prefixes
+  (InclusiveNamespaces PrefixList, required to verify signatures generated by
+  some SAML implementations)
+- Modern Python compatibility (3.9-3.13+ and PyPy)
+- Well-supported, portable, reliable dependencies: lxml and cryptography
+- Comprehensive testing (including the XMLDSig interoperability suite) and
+  continuous integration
+- Simple interface with useful, ergonomic, and secure defaults (no network
+  calls, XSLT or XPath transforms)
+- Compactness, readability, and extensibility