A very poor tool to do S/MIME signatures on binary files. Probably insecurely.
Project description
A very poor tool to generate S/MIME signatures for arbitrary content & probably insecurely too.
A quick example:
>>> smime_sign(
... signer_cert_path="/path/to/files/signer.cert",
... signer_key_path="/path/to/files/signer.pem",
... recipient_cert_path="/path/to/files/recipient.cert",
... content="test",
... output_format="PEM",
... )Features
Does S/MIME signatures.
Verifies S/MIME signatures.
Why?
This utility library has single purpose - provide support for making S/MIME signatures on Python2 and 3, which currently lacks any proper libraries for that purpose.
The main use case it is built for: at work our system has to generate Apple Passbook Pass files, which include an S/MIME signature. Currently it is done using M2Crypto.SMIME. While that works - we want to migrate to Python3, and unfortunately for us M2Crypto is not fully supported. smime_sign is a poor man’s solution for this problem.
Internally this does nothing more than call openssl smime, so you might want to see its docs too.
Why not?
This may be insecure.
This may be slow if you are signing large blobs of text.
API
smime_sign(signer_cert_path, signer_key_path, cert_path, recipient_cert_path, content, output_format)
Generates and returns signature string for content in output_format.
All *_path arguments must be absolute paths.
content must be a string, not a path.
Example to generate signature for Passbook manifest:
>>> manifest_json = "..." # JSON string with `manifest.json` content
>>> signature = smime_sign(
... signer_cert_path="/path/to/files/signer.cert",
... signer_key_path="/path/to/files/signer.pem",
... cert_path="/path/to/files/intermediate.cert",
... recipient_cert_path=None,
... content=manifest_json,
... output_format="DER",
... )smime_verify(signer_cert_path, content_path, signature_path, signature_format)
Verifies a content_path file against a signature at signature_path.
Note: this function was added to help in the tests only.
Credits
Tools used in rendering this package:
History
2.0.1 (2016-01-07)
Added support for passing intermediate certificates.
Made recipient certificate optional.
Argument structure for smime_sign has changed, therefore major version bump-up.
1.0.0 (2015-11-27)
First release on PyPI.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file poor-smime-sign-2.0.2.tar.gz.
File metadata
- Download URL: poor-smime-sign-2.0.2.tar.gz
- Upload date:
- Size: 12.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 67cce3f8454277e7a1ffee7b0ff91cc6b4754474aba0bca1f0efae796d862dfc |
|
| MD5 | 677ec53fb55545ef18e086c83bf368bf |
|
| BLAKE2b-256 | 33f40213e0364b155df0185a8e426d3b1e72e305545295bcdcdac3dc229a7648 |
