Skip to main content

A very poor tool to do S/MIME signatures on binary files. Probably insecurely.

Project description

===============
poor-smime-sign
===============

.. image:: https://img.shields.io/pypi/v/poor-smime-sign.svg
:target: https://pypi.python.org/pypi/poor-smime-sign

.. image:: https://img.shields.io/travis/seporaitis/poor-smime-sign.svg
:target: https://travis-ci.org/seporaitis/poor-smime-sign


A very poor tool to generate S/MIME signatures for arbitrary content & probably insecurely too.

A quick example:

.. code-block:: python

>>> smime_sign(
... signer_cert_path="/path/to/files/signer.cert",
... signer_key_path="/path/to/files/signer.pem",
... recipient_cert_path="/path/to/files/recipient.cert",
... content="test",
... output_format="PEM",
... )

Features
--------

* Does S/MIME signatures.
* Verifies S/MIME signatures.


Why?
--------

This utility library has single purpose - provide support for making
S/MIME signatures on Python2 **and 3**, which currently lacks any
proper libraries for that purpose.

The main use case it is built for: at work our system has to generate
Apple Passbook Pass files, which include an S/MIME
signature. Currently it is done using ``M2Crypto.SMIME``. While that
works - we want to migrate to Python3, and unfortunately for us
``M2Crypto`` is not fully supported. ``smime_sign`` is a poor man's
solution for this problem.

Internally this does nothing more than call `openssl smime`_, so you
might want to see its docs too.

.. _openssl smime: https://www.openssl.org/docs/manmaster/apps/smime.html


Why not?
--------

* This may be insecure.
* This may be slow if you are signing large blobs of text.


API
===

``smime_sign(signer_cert_path, signer_key_path, cert_path, recipient_cert_path, content, output_format)``
----------------------------------------------------------------------------------------------

Generates and returns signature string for ``content`` in
``output_format``.

All ``*_path`` arguments must be absolute
paths.

``content`` must be a string, not a path.

Example to generate signature for Passbook manifest:

.. code-block:: python

>>> manifest_json = "..." # JSON string with `manifest.json` content
>>> signature = smime_sign(
... signer_cert_path="/path/to/files/signer.cert",
... signer_key_path="/path/to/files/signer.pem",
... cert_path="/path/to/files/intermediate.cert",
... recipient_cert_path=None,
... content=manifest_json,
... output_format="DER",
... )

``smime_verify(signer_cert_path, content_path, signature_path, signature_format)``
----------------------------------------------------------------------------------

Verifies a ``content_path`` file against a signature at ``signature_path``.

Note: this function was added to help in the tests only.


Credits
---------

Tools used in rendering this package:

* Cookiecutter_
* `cookiecutter-pypackage`_

.. _Cookiecutter: https://github.com/audreyr/cookiecutter
.. _`cookiecutter-pypackage`: https://github.com/audreyr/cookiecutter-pypackage




History
-------

2.0.1 (2016-01-07)
------------------

* Added support for passing intermediate certificates.
* Made recipient certificate optional.
* Argument structure for ``smime_sign`` has changed, therefore major version bump-up.


1.0.0 (2015-11-27)
------------------

* First release on PyPI.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

poor-smime-sign-2.0.1.tar.gz (12.8 kB view details)

Uploaded Source

File details

Details for the file poor-smime-sign-2.0.1.tar.gz.

File metadata

File hashes

Hashes for poor-smime-sign-2.0.1.tar.gz
Algorithm Hash digest
SHA256 1bebff9764bb244b24a706c707971b16c121096a159dd494be14104915ed3fa5
MD5 ae317103f9e045f94b64b5ce231ce4bd
BLAKE2b-256 fdfa3adcf0c8f8aaf762b2d520254d97391b918b459718478c2fb2e43bafc894

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page