{"id":23669,"library":"endesive","title":"endesive","description":"endesive is a Python library for digital signing and verification of digital signatures in email (S/MIME), PDF (PAdES), and XML (XAdES) documents. Current version is 2.19.3, with a rapid release cadence. Requires Python >=3.0.","status":"active","version":"2.19.3","language":"python","source_language":"en","source_url":"https://github.com/m32/endesive","tags":["digital-signature","pdf","smime","xades","pades","cryptography"],"install":[{"cmd":"pip install endesive","lang":"bash","label":"Install from PyPI"}],"dependencies":[{"reason":"ASN.1 parsing and encoding","package":"asn1crypto","optional":false},{"reason":"Core cryptographic operations (signing, hashing, key management)","package":"cryptography","optional":false},{"reason":"Legacy cryptographic backend (deprecated in 2.18.4)","package":"oscrypto","optional":true}],"imports":[{"note":"","wrong":null,"symbol":"signer","correct":"from endesive import signer"},{"note":"","wrong":null,"symbol":"verifier","correct":"from endesive import verifier"},{"note":"In older versions, xades was a submodule; now it's a top-level import.","wrong":"from endesive.xades import ... (deprecated nested module)","symbol":"xades","correct":"from endesive import xades"},{"note":"","wrong":null,"symbol":"pdf","correct":"from endesive import pdf"},{"note":"","wrong":null,"symbol":"smime","correct":"from endesive import smime"}],"quickstart":{"code":"from endesive import signer, verifier\nimport cryptography.hazmat.primitives.asymmetric.rsa as rsa\nfrom cryptography.hazmat.primitives import serialization, hashes\n\n# Generate a key pair (example)\nprivate_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)\npublic_key = private_key.public_key()\n\n# Serialize private key (PKCS#8 PEM)\npem_private = private_key.private_bytes(\n    encoding=serialization.Encoding.PEM,\n    format=serialization.PrivateFormat.PKCS8,\n    encryption_algorithm=serialization.NoEncryption()\n)\n\n# Sign data\ndata = b\"Hello, endesive!\"\nsignature = signer.sign(private_key, data, hashes.SHA256())\nprint(f\"Signature: {signature.hex()}\")\n\n# Verify\nverified = verifier.verify(public_key, data, signature, hashes.SHA256())\nprint(f\"Verified: {verified}\")","lang":"python","description":"Generate key pair, sign data, and verify signature using endesive's signer and verifier modules."},"warnings":[{"fix":"Update calls to `verify()` to match the new signature: pass the PDF bytes and signature dictionary.","message":"In version 2.18.0, the PAdES signature validation API changed. Old verification code using `pdf.verify()` may break. Use `from endesive.pdf import verify` and check the new parameters.","severity":"breaking","affected_versions":">=2.18.0"},{"fix":"Remove oscrypto imports. Use 'cryptography' as the default backend.","message":"The 'oscrypto' backend was removed in 2.18.4. Code relying on oscrypto for cryptographic operations will fail.","severity":"deprecated","affected_versions":">=2.18.4"},{"fix":"Upgrade to version 2.17.3 or later.","message":"Certificate dates after 2040-01-04 may cause signature creation failures (fixed in 2.17.3). If you encounter 'timestamp out of range' errors, upgrade to >=2.17.3.","severity":"gotcha","affected_versions":"<2.17.3"},{"fix":"Upgrade to version 2.17.2 or later.","message":"Google Cloud KMS HSM signatures may flag as 'not intact' in older versions (fixed in 2.17.2). Upgrade to >=2.17.2 if using external HSM.","severity":"gotcha","affected_versions":"<2.17.2"}],"env_vars":null,"last_verified":"2026-05-01T00:00:00.000Z","next_check":"2026-07-30T00:00:00.000Z","problems":[{"fix":"Run 'pip install endesive' in the correct Python environment.","cause":"Library not installed or installed in wrong environment.","error":"ModuleNotFoundError: No module named 'endesive'"},{"fix":"Use 'from endesive import xades' and call xades.sign() etc.","cause":"Old import path 'from endesive.xades import ...' is no longer valid. XAdES functions are now directly under endesive.","error":"ImportError: cannot import name 'xades' from 'endesive'"},{"fix":"Use 'from endesive import signer' and call 'signer.sign(key, data, hash_alg)'.","cause":"Incorrect usage of signer module. The sign function is top-level in signer, not a method.","error":"AttributeError: module 'endesive.signer' has no attribute 'sign'"}],"ecosystem":"pypi","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}