--- /srv/reproducible-results/rbuild-debian/r-b-build.E4kgCdLj/b1/python-signxml_4.2.0+dfsg-1_arm64.changes +++ /srv/reproducible-results/rbuild-debian/r-b-build.E4kgCdLj/b2/python-signxml_4.2.0+dfsg-1_arm64.changes ├── Files │ @@ -1,3 +1,3 @@ │ │ - ef8fd8929125de368c45e6da9f1c5e3a 102860 doc optional python-signxml-doc_4.2.0+dfsg-1_all.deb │ + 65a24cf0919ff1461201fe8a8c29feeb 102836 doc optional python-signxml-doc_4.2.0+dfsg-1_all.deb │ 1805333935a01273a95e6a413cbecd8e 43256 python optional python3-signxml_4.2.0+dfsg-1_all.deb ├── python-signxml-doc_4.2.0+dfsg-1_all.deb │ ├── file list │ │ @@ -1,3 +1,3 @@ │ │ -rw-r--r-- 0 0 0 4 2025-08-28 23:42:45.000000 debian-binary │ │ -rw-r--r-- 0 0 0 1932 2025-08-28 23:42:45.000000 control.tar.xz │ │ --rw-r--r-- 0 0 0 100736 2025-08-28 23:42:45.000000 data.tar.xz │ │ +-rw-r--r-- 0 0 0 100712 2025-08-28 23:42:45.000000 data.tar.xz │ ├── control.tar.xz │ │ ├── control.tar │ │ │ ├── ./md5sums │ │ │ │ ├── ./md5sums │ │ │ │ │┄ Files differ │ ├── data.tar.xz │ │ ├── data.tar │ │ │ ├── ./usr/share/doc/python-signxml-doc/html/index.html │ │ │ │ @@ -788,15 +788,15 @@ │ │ │ │
│ │ │ │
│ │ │ │ validate_schema(signature)[source]
│ │ │ │
│ │ │ │ │ │ │ │
│ │ │ │
│ │ │ │ -verify(data, *, x509_cert=None, cert_subject_name=None, cert_resolver=None, ca_pem_file=None, hmac_key=None, validate_schema=True, parser=None, uri_resolver=None, id_attribute=None, expect_config=SignatureConfiguration(require_x509=True, location='.//', expect_references=1, signature_methods=frozenset({SignatureMethod.ECDSA_SHA224, SignatureMethod.ECDSA_SHA3_512, SignatureMethod.HMAC_SHA224, SignatureMethod.RSA_SHA512, SignatureMethod.DSA_SHA256, SignatureMethod.SHA384_RSA_MGF1, SignatureMethod.SHA3_256_RSA_MGF1, SignatureMethod.ECDSA_SHA3_384, SignatureMethod.RSA_SHA224, SignatureMethod.SHA512_RSA_MGF1, SignatureMethod.HMAC_SHA256, SignatureMethod.SHA3_224_RSA_MGF1, SignatureMethod.ECDSA_SHA384, SignatureMethod.SHA3_512_RSA_MGF1, SignatureMethod.ECDSA_SHA512, SignatureMethod.SHA256_RSA_MGF1, SignatureMethod.HMAC_SHA512, SignatureMethod.SHA3_384_RSA_MGF1, SignatureMethod.ECDSA_SHA3_224, SignatureMethod.RSA_SHA256, SignatureMethod.ECDSA_SHA256, SignatureMethod.SHA224_RSA_MGF1, SignatureMethod.RSA_SHA384, SignatureMethod.ECDSA_SHA3_256, SignatureMethod.HMAC_SHA384}), digest_algorithms=frozenset({DigestAlgorithm.SHA3_224, DigestAlgorithm.SHA224, DigestAlgorithm.SHA384, DigestAlgorithm.SHA3_256, DigestAlgorithm.SHA3_384, DigestAlgorithm.SHA256, DigestAlgorithm.SHA512, DigestAlgorithm.SHA3_512}), ignore_ambiguous_key_info=False, default_reference_c14n_method=CanonicalizationMethod.CANONICAL_XML_1_1), **deprecated_kwargs)[source]
│ │ │ │ +verify(data, *, x509_cert=None, cert_subject_name=None, cert_resolver=None, ca_pem_file=None, hmac_key=None, validate_schema=True, parser=None, uri_resolver=None, id_attribute=None, expect_config=SignatureConfiguration(require_x509=True, location='.//', expect_references=1, signature_methods=frozenset({SignatureMethod.ECDSA_SHA224, SignatureMethod.SHA3_224_RSA_MGF1, SignatureMethod.ECDSA_SHA256, SignatureMethod.HMAC_SHA384, SignatureMethod.ECDSA_SHA3_256, SignatureMethod.SHA512_RSA_MGF1, SignatureMethod.ECDSA_SHA3_224, SignatureMethod.ECDSA_SHA3_384, SignatureMethod.ECDSA_SHA384, SignatureMethod.HMAC_SHA512, SignatureMethod.RSA_SHA256, SignatureMethod.DSA_SHA256, SignatureMethod.ECDSA_SHA3_512, SignatureMethod.SHA384_RSA_MGF1, SignatureMethod.SHA3_256_RSA_MGF1, SignatureMethod.SHA256_RSA_MGF1, SignatureMethod.RSA_SHA224, SignatureMethod.HMAC_SHA256, SignatureMethod.SHA3_512_RSA_MGF1, SignatureMethod.RSA_SHA384, SignatureMethod.ECDSA_SHA512, SignatureMethod.HMAC_SHA224, SignatureMethod.SHA224_RSA_MGF1, SignatureMethod.SHA3_384_RSA_MGF1, SignatureMethod.RSA_SHA512}), digest_algorithms=frozenset({DigestAlgorithm.SHA384, DigestAlgorithm.SHA256, DigestAlgorithm.SHA3_224, DigestAlgorithm.SHA3_256, DigestAlgorithm.SHA3_512, DigestAlgorithm.SHA224, DigestAlgorithm.SHA3_384, DigestAlgorithm.SHA512}), ignore_ambiguous_key_info=False, default_reference_c14n_method=CanonicalizationMethod.CANONICAL_XML_1_1), **deprecated_kwargs)[source] │ │ │ │

Verify the XML signature supplied in the data and return a list of VerifyResult data structures │ │ │ │ representing the data signed by the signature, or raise an exception if the signature is not valid. By default, │ │ │ │ this requires the signature to be generated using a valid X.509 certificate. To enable other means of signature │ │ │ │ validation, set expect_config to a configuration with the require_x509 parameter set to False.

│ │ │ │
│ │ │ │

See what is signed

│ │ │ │

It is important to understand and follow the best practice rule of “See what is signed” when verifying XML │ │ │ │ @@ -1498,15 +1498,15 @@ │ │ │ │ │ │ │ │

│ │ │ │
│ │ │ │ class signxml.xades.XAdESVerifier[source]
│ │ │ │

Create a new XAdES Signature Verifier object, which can be used to verify multiple pieces of data.

│ │ │ │
│ │ │ │
│ │ │ │ -verify(data, *, expect_signature_policy=None, expect_config=XAdESSignatureConfiguration(require_x509=True, location='.//', expect_references=3, signature_methods=frozenset({SignatureMethod.ECDSA_SHA224, SignatureMethod.ECDSA_SHA3_512, SignatureMethod.HMAC_SHA224, SignatureMethod.RSA_SHA512, SignatureMethod.DSA_SHA256, SignatureMethod.SHA384_RSA_MGF1, SignatureMethod.SHA3_256_RSA_MGF1, SignatureMethod.ECDSA_SHA3_384, SignatureMethod.RSA_SHA224, SignatureMethod.SHA512_RSA_MGF1, SignatureMethod.HMAC_SHA256, SignatureMethod.SHA3_224_RSA_MGF1, SignatureMethod.ECDSA_SHA384, SignatureMethod.SHA3_512_RSA_MGF1, SignatureMethod.ECDSA_SHA512, SignatureMethod.SHA256_RSA_MGF1, SignatureMethod.HMAC_SHA512, SignatureMethod.SHA3_384_RSA_MGF1, SignatureMethod.ECDSA_SHA3_224, SignatureMethod.RSA_SHA256, SignatureMethod.ECDSA_SHA256, SignatureMethod.SHA224_RSA_MGF1, SignatureMethod.RSA_SHA384, SignatureMethod.ECDSA_SHA3_256, SignatureMethod.HMAC_SHA384}), digest_algorithms=frozenset({DigestAlgorithm.SHA3_224, DigestAlgorithm.SHA224, DigestAlgorithm.SHA384, DigestAlgorithm.SHA3_256, DigestAlgorithm.SHA3_384, DigestAlgorithm.SHA256, DigestAlgorithm.SHA512, DigestAlgorithm.SHA3_512}), ignore_ambiguous_key_info=False, default_reference_c14n_method=CanonicalizationMethod.CANONICAL_XML_1_1), **xml_verifier_args)[source]
│ │ │ │ +verify(data, *, expect_signature_policy=None, expect_config=XAdESSignatureConfiguration(require_x509=True, location='.//', expect_references=3, signature_methods=frozenset({SignatureMethod.ECDSA_SHA224, SignatureMethod.SHA3_224_RSA_MGF1, SignatureMethod.ECDSA_SHA256, SignatureMethod.HMAC_SHA384, SignatureMethod.ECDSA_SHA3_256, SignatureMethod.SHA512_RSA_MGF1, SignatureMethod.ECDSA_SHA3_224, SignatureMethod.ECDSA_SHA3_384, SignatureMethod.ECDSA_SHA384, SignatureMethod.HMAC_SHA512, SignatureMethod.RSA_SHA256, SignatureMethod.DSA_SHA256, SignatureMethod.ECDSA_SHA3_512, SignatureMethod.SHA384_RSA_MGF1, SignatureMethod.SHA3_256_RSA_MGF1, SignatureMethod.SHA256_RSA_MGF1, SignatureMethod.RSA_SHA224, SignatureMethod.HMAC_SHA256, SignatureMethod.SHA3_512_RSA_MGF1, SignatureMethod.RSA_SHA384, SignatureMethod.ECDSA_SHA512, SignatureMethod.HMAC_SHA224, SignatureMethod.SHA224_RSA_MGF1, SignatureMethod.SHA3_384_RSA_MGF1, SignatureMethod.RSA_SHA512}), digest_algorithms=frozenset({DigestAlgorithm.SHA384, DigestAlgorithm.SHA256, DigestAlgorithm.SHA3_224, DigestAlgorithm.SHA3_256, DigestAlgorithm.SHA3_512, DigestAlgorithm.SHA224, DigestAlgorithm.SHA3_384, DigestAlgorithm.SHA512}), ignore_ambiguous_key_info=False, default_reference_c14n_method=CanonicalizationMethod.CANONICAL_XML_1_1), **xml_verifier_args)[source] │ │ │ │

Verify the XAdES signature supplied in the data and return a list of XAdESVerifyResult data structures │ │ │ │ representing the data signed by the signature, or raise an exception if the signature is not valid. This method │ │ │ │ is a wrapper around signxml.XMLVerifier.verify(); see its documentation for more details and arguments it │ │ │ │ supports.

│ │ │ │
│ │ │ │
Parameters:
│ │ │ │
    │ │ │ │ ├── html2text {} │ │ │ │ │ @@ -411,31 +411,31 @@ │ │ │ │ │ get_cert_chain_verifier(ca_pem_file)[source]¶ │ │ │ │ │ validate_schema(signature)[source]¶ │ │ │ │ │ verify(data, *, x509_cert=None, cert_subject_name=None, cert_ │ │ │ │ │ resolver=None, ca_pem_file=None, hmac_key=None, validate_schema=True, │ │ │ │ │ parser=None, uri_resolver=None, id_attribute=None, expect_ │ │ │ │ │ config=SignatureConfiguration(require_x509=True, location='.//', │ │ │ │ │ expect_references=1, signature_methods=frozenset( │ │ │ │ │ - {SignatureMethod.ECDSA_SHA224, SignatureMethod.ECDSA_SHA3_512, │ │ │ │ │ - SignatureMethod.HMAC_SHA224, SignatureMethod.RSA_SHA512, │ │ │ │ │ - SignatureMethod.DSA_SHA256, SignatureMethod.SHA384_RSA_MGF1, │ │ │ │ │ - SignatureMethod.SHA3_256_RSA_MGF1, SignatureMethod.ECDSA_SHA3_384, │ │ │ │ │ - SignatureMethod.RSA_SHA224, SignatureMethod.SHA512_RSA_MGF1, │ │ │ │ │ - SignatureMethod.HMAC_SHA256, SignatureMethod.SHA3_224_RSA_MGF1, │ │ │ │ │ - SignatureMethod.ECDSA_SHA384, SignatureMethod.SHA3_512_RSA_MGF1, │ │ │ │ │ - SignatureMethod.ECDSA_SHA512, SignatureMethod.SHA256_RSA_MGF1, │ │ │ │ │ - SignatureMethod.HMAC_SHA512, SignatureMethod.SHA3_384_RSA_MGF1, │ │ │ │ │ - SignatureMethod.ECDSA_SHA3_224, SignatureMethod.RSA_SHA256, │ │ │ │ │ - SignatureMethod.ECDSA_SHA256, SignatureMethod.SHA224_RSA_MGF1, │ │ │ │ │ - SignatureMethod.RSA_SHA384, SignatureMethod.ECDSA_SHA3_256, │ │ │ │ │ - SignatureMethod.HMAC_SHA384}), digest_algorithms=frozenset( │ │ │ │ │ - {DigestAlgorithm.SHA3_224, DigestAlgorithm.SHA224, │ │ │ │ │ - DigestAlgorithm.SHA384, DigestAlgorithm.SHA3_256, DigestAlgorithm.SHA3_ │ │ │ │ │ - 384, DigestAlgorithm.SHA256, DigestAlgorithm.SHA512, │ │ │ │ │ - DigestAlgorithm.SHA3_512}), ignore_ambiguous_key_info=False, default_ │ │ │ │ │ + {SignatureMethod.ECDSA_SHA224, SignatureMethod.SHA3_224_RSA_MGF1, │ │ │ │ │ + SignatureMethod.ECDSA_SHA256, SignatureMethod.HMAC_SHA384, │ │ │ │ │ + SignatureMethod.ECDSA_SHA3_256, SignatureMethod.SHA512_RSA_MGF1, │ │ │ │ │ + SignatureMethod.ECDSA_SHA3_224, SignatureMethod.ECDSA_SHA3_384, │ │ │ │ │ + SignatureMethod.ECDSA_SHA384, SignatureMethod.HMAC_SHA512, │ │ │ │ │ + SignatureMethod.RSA_SHA256, SignatureMethod.DSA_SHA256, │ │ │ │ │ + SignatureMethod.ECDSA_SHA3_512, SignatureMethod.SHA384_RSA_MGF1, │ │ │ │ │ + SignatureMethod.SHA3_256_RSA_MGF1, SignatureMethod.SHA256_RSA_MGF1, │ │ │ │ │ + SignatureMethod.RSA_SHA224, SignatureMethod.HMAC_SHA256, │ │ │ │ │ + SignatureMethod.SHA3_512_RSA_MGF1, SignatureMethod.RSA_SHA384, │ │ │ │ │ + SignatureMethod.ECDSA_SHA512, SignatureMethod.HMAC_SHA224, │ │ │ │ │ + SignatureMethod.SHA224_RSA_MGF1, SignatureMethod.SHA3_384_RSA_MGF1, │ │ │ │ │ + SignatureMethod.RSA_SHA512}), digest_algorithms=frozenset( │ │ │ │ │ + {DigestAlgorithm.SHA384, DigestAlgorithm.SHA256, DigestAlgorithm.SHA3_ │ │ │ │ │ + 224, DigestAlgorithm.SHA3_256, DigestAlgorithm.SHA3_512, │ │ │ │ │ + DigestAlgorithm.SHA224, DigestAlgorithm.SHA3_384, │ │ │ │ │ + DigestAlgorithm.SHA512}), ignore_ambiguous_key_info=False, default_ │ │ │ │ │ reference_c14n_method=CanonicalizationMethod.CANONICAL_XML_1_1), │ │ │ │ │ **deprecated_kwargs)[source]¶ │ │ │ │ │ Verify the XML signature supplied in the data and return a list of │ │ │ │ │ VerifyResult data structures representing the data signed by the │ │ │ │ │ signature, or raise an exception if the signature is not valid. By │ │ │ │ │ default, this requires the signature to be generated using a valid │ │ │ │ │ X.509 certificate. To enable other means of signature validation, │ │ │ │ │ @@ -857,31 +857,31 @@ │ │ │ │ │ DigestValue: str¶ │ │ │ │ │ class signxml.xades.XAdESVerifier[source]¶ │ │ │ │ │ Create a new XAdES Signature Verifier object, which can be used to verify │ │ │ │ │ multiple pieces of data. │ │ │ │ │ verify(data, *, expect_signature_policy=None, expect_ │ │ │ │ │ config=XAdESSignatureConfiguration(require_x509=True, location='.//', │ │ │ │ │ expect_references=3, signature_methods=frozenset( │ │ │ │ │ - {SignatureMethod.ECDSA_SHA224, SignatureMethod.ECDSA_SHA3_512, │ │ │ │ │ - SignatureMethod.HMAC_SHA224, SignatureMethod.RSA_SHA512, │ │ │ │ │ - SignatureMethod.DSA_SHA256, SignatureMethod.SHA384_RSA_MGF1, │ │ │ │ │ - SignatureMethod.SHA3_256_RSA_MGF1, SignatureMethod.ECDSA_SHA3_384, │ │ │ │ │ - SignatureMethod.RSA_SHA224, SignatureMethod.SHA512_RSA_MGF1, │ │ │ │ │ - SignatureMethod.HMAC_SHA256, SignatureMethod.SHA3_224_RSA_MGF1, │ │ │ │ │ - SignatureMethod.ECDSA_SHA384, SignatureMethod.SHA3_512_RSA_MGF1, │ │ │ │ │ - SignatureMethod.ECDSA_SHA512, SignatureMethod.SHA256_RSA_MGF1, │ │ │ │ │ - SignatureMethod.HMAC_SHA512, SignatureMethod.SHA3_384_RSA_MGF1, │ │ │ │ │ - SignatureMethod.ECDSA_SHA3_224, SignatureMethod.RSA_SHA256, │ │ │ │ │ - SignatureMethod.ECDSA_SHA256, SignatureMethod.SHA224_RSA_MGF1, │ │ │ │ │ - SignatureMethod.RSA_SHA384, SignatureMethod.ECDSA_SHA3_256, │ │ │ │ │ - SignatureMethod.HMAC_SHA384}), digest_algorithms=frozenset( │ │ │ │ │ - {DigestAlgorithm.SHA3_224, DigestAlgorithm.SHA224, │ │ │ │ │ - DigestAlgorithm.SHA384, DigestAlgorithm.SHA3_256, DigestAlgorithm.SHA3_ │ │ │ │ │ - 384, DigestAlgorithm.SHA256, DigestAlgorithm.SHA512, │ │ │ │ │ - DigestAlgorithm.SHA3_512}), ignore_ambiguous_key_info=False, default_ │ │ │ │ │ + {SignatureMethod.ECDSA_SHA224, SignatureMethod.SHA3_224_RSA_MGF1, │ │ │ │ │ + SignatureMethod.ECDSA_SHA256, SignatureMethod.HMAC_SHA384, │ │ │ │ │ + SignatureMethod.ECDSA_SHA3_256, SignatureMethod.SHA512_RSA_MGF1, │ │ │ │ │ + SignatureMethod.ECDSA_SHA3_224, SignatureMethod.ECDSA_SHA3_384, │ │ │ │ │ + SignatureMethod.ECDSA_SHA384, SignatureMethod.HMAC_SHA512, │ │ │ │ │ + SignatureMethod.RSA_SHA256, SignatureMethod.DSA_SHA256, │ │ │ │ │ + SignatureMethod.ECDSA_SHA3_512, SignatureMethod.SHA384_RSA_MGF1, │ │ │ │ │ + SignatureMethod.SHA3_256_RSA_MGF1, SignatureMethod.SHA256_RSA_MGF1, │ │ │ │ │ + SignatureMethod.RSA_SHA224, SignatureMethod.HMAC_SHA256, │ │ │ │ │ + SignatureMethod.SHA3_512_RSA_MGF1, SignatureMethod.RSA_SHA384, │ │ │ │ │ + SignatureMethod.ECDSA_SHA512, SignatureMethod.HMAC_SHA224, │ │ │ │ │ + SignatureMethod.SHA224_RSA_MGF1, SignatureMethod.SHA3_384_RSA_MGF1, │ │ │ │ │ + SignatureMethod.RSA_SHA512}), digest_algorithms=frozenset( │ │ │ │ │ + {DigestAlgorithm.SHA384, DigestAlgorithm.SHA256, DigestAlgorithm.SHA3_ │ │ │ │ │ + 224, DigestAlgorithm.SHA3_256, DigestAlgorithm.SHA3_512, │ │ │ │ │ + DigestAlgorithm.SHA224, DigestAlgorithm.SHA3_384, │ │ │ │ │ + DigestAlgorithm.SHA512}), ignore_ambiguous_key_info=False, default_ │ │ │ │ │ reference_c14n_method=CanonicalizationMethod.CANONICAL_XML_1_1), **xml_ │ │ │ │ │ verifier_args)[source]¶ │ │ │ │ │ Verify the XAdES signature supplied in the data and return a list │ │ │ │ │ of XAdESVerifyResult data structures representing the data signed │ │ │ │ │ by the signature, or raise an exception if the signature is not │ │ │ │ │ valid. This method is a wrapper around signxml.XMLVerifier.verify │ │ │ │ │ (); see its documentation for more details and arguments it