Tool for cms signature

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for yuncliu from gravatar.com yuncliu

Unverified details

These details have not been verified by PyPI

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: Apache Software License (Apache)

Requires: Python >= 3.6

Classifiers

Project description

Introduce

This tool is used sign file with Cryptographic Message Syntax. And add a Timestamp Reply to the cms file optionally.

Installation

To install using pip,:

python -m pip install --upgrade pip
python -m pip install cmssign

This tool depend on cryptographic and asn1crypto

Notice

The version 0.0.1 have some bug, it should not be used.

History

  • 0.0.3 support normal rsa signature

  • 0.0.4 add support for RSASSA-PSS signature, but need java because openssl not support pss padding for timestamp signature

Use with GUI

cmssignui

Use within Command line

cmssign sign

Usage: cmssign sign [-h] --cafile CAFILE --cakey CAKEY [--tsca TSACA] [--tskey TSAKEY] --in INFILE [--out OUTFILE]

      -h, --help            show this help message and exit
      --signer CAFILE       signer certificate file, DER format
      --key CAKEY           signer private key
      --signerCA SIGNERCA   CA of signer, DER format
      --signerCRL SIGNERCRL
                            CRL of signer, DER format
      --rootCRL ROOTCRL     CRL of root CA, DER format
      --tssigner TSSIGNER   timestamp signer certificate, DER format
      --tskey TSKEY         timestamp signer private key, DER format
      --tsCA TSCA           CA of timestamp signer, DER format
      --timestamp TIMESTAMP
                            timestamp. use system time if not set. format must be
                            '20220101123000' yyyyMMDDHHMMSS
      --in INFILE           file to sign
      --out OUTFILE         output file, not implement yet, output file will be INFILE.p7s

If the tssigner and tskey is set correctly, the timestamp reply will be add to the unsigned attributes section at the end of the cms file

cmssign combine

This command will add the timestamp reply to the unsigned attributes section at the end of the cms file

Usage: cmssign combine [-h] --cmsfile CMSFILE --tsfile TSFILE --out OUTFILE
--cmsfile

cms file

--tsfile

timestamp reply file

--out

specific the file to save the output

Example:

// Sign file with timestamp
cmssign sign --signer rootCA.crt --key rootCA.pem --tssigner tsa.crt --tskey tsa.pem --in file_go_sign

// sign with certificates and crls
cmssign sign --signer sign.crt --key sign_pri.pem  --signerCRL cacrl.crl --rootCRL rootcrl.crl --tssigner tsa.crt --tskey tsa.pem --tsCA ca.crt --in rootCA.crt

The certificate only support DER format

Reference

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for yuncliu from gravatar.com yuncliu

Unverified details

These details have not been verified by PyPI

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: Apache Software License (Apache)

Requires: Python >= 3.6

Classifiers

Release history Release notifications | RSS feed

This version

0.0.4

0.0.3

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

cmssign-0.0.4-py3-none-any.whl (5.4 MB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page