OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Python open source libraries for ebXML


Two Python open source libraries aimed at supporting ebXML have been published recently. 


The CPPA3 package provides a collection of Python modules to process OASIS ebCore CPPA3 documents and related functionality. CPPA3 is version 3 of the ebXML Collaboration Protocol Profile and Agreement specification. A CPP is an XML document representing a party’s technical and business collaboration capabilities. A CPA is an XML document representing the agreed collaboration parameters of two parties. It can be used to configure B2B messaging systems used to exchange messages between two parties using the agreed settings. The ebCore Technical Committee (ebXML Core) is maintaining and enhancing the CPPA specification.

The development of this package tracks the development of the ebCore CPPA3 schema and specification. This release of the package is compatible with the draft version 2016_02_17, available from https://www.oasis-open.org/committees/document.php?document_id=57550. That version supports configuration covering:

- the complete ebMS 3.0 Core OASIS Standard (docs.oasis-open.org/ebxml-msg/ebms/v3.0/core/os/)
- the complete AS4 OASIS Standard (http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/profiles/AS4-profile/v1.0/)
- some parts of the ebMS 3.0 Part 2 Advanced Features specification (http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/part2/201004/).
- ebMS 2.0 (https://www.oasis-open.org/standards#ebxmlmsgv2)
- Web Services
- and the AS1, AS2 (https://tools.ietf.org/html/rfc4130) and AS3 IETF EDIINT specifications.

Currently, two modules are provided:

unify.py provides functionality to automatically form a CPA from two CPPs.
pmode.py provides functionality to generate a (set of) P-Modes from a CPA.
Various future enhancements of this library are planned.

As the CPPA3 schema is still under development, it may change in backward-incompatible ways, and this library will be updated accordingly.

An extensive test suite is provided for the two modules, consisting of sample CPPs and resulting CPAs and "P-modes". To run the test suite, you can optionally validate the CPP or CPA documents against the draft CPPA3 XML schema. To do this, you must download the schema to a readable location on the filesystem, and set the CPPA3XSDDIR environment variable to this location. If the variable is not set, no validation is done.

The library is available from the Python Package Index, at the address https://pypi.python.org/pypi/cppa3, and can be installed using PIP, the Python package installer tool.


X.509 certificate information can be encoded and exchanged in various standardized formats. One of these formats is the KeyInfo representation defined in the W3C XML Signature recommendation. This is an XML-based representation that wraps the Base64 encoded X.509 certificate and can provided additional information (such as certificate digests or key names). 

KeyInfo is used in the ebXML CPPA (Collaboration Protocol Profile and Agreements) version 2.0 OASIS Standard to allow parties to publish their certificates for signing and encryption in their profiles, and to configure agreements with partners using specific certificates. KeyInfo is also used in the upcoming version 3.0 of CPPA for similar purposes. In the ebCore Agreement Update specification it is used for Certificate Updates, similar to the older IETF CEM protocol. 

Current users of ebMS 2.0 and CPA 2.0 have been using an existing Java tool, called KeyInfoWriter, available from https://github.com/ricemery/keyinfowriter and shipped with the Axway B2B product, for many years. It converts X.509 certificates from various formats to KeyInfo. KeyInfo is a new and similar open source library that provides the same functionality for Python, based on the excellent and well-maintained and audited cryptography and lxml libraries. Compared to the Java KeyInfoWriter tool, beyond supporting Python, it adds two features:

1) It converts X.509 certificates to W3C XML Signature KeyInfo structures, but can also parse KeyInfo XML into certificates.
2) It supports not just the XML Signature 1.0 standard, but also optionally the newer XML Signature 1.1. The main difference is the use of sig11:X509Digest instead of ds:X509IssuerSerial.

The library is available from the Python Package Index, at the address https://pypi.python.org/pypi/keyinfo, and can be installed using PIP, the Python package installer tool.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]