Package pysmime :: Module mail
[hide private]
[frames] | no frames]

Module mail

source code

Functions to verify, sign, encrypt and decrypt SMIME mail entity, build on top of pysmime/core.

Functions [hide private]
str
mail_encrypt(mail, recipient_cert, keyring_source='file', cypher='des_ede3_cbc')
Encrypts the input mail data with public key of input certificate.
source code
str
mail_decrypt(encrypted_mail, recipient_private_key, recipient_cert, keyring_source='file', type='PEM')
Decrypts the input mail data with input private key and input certificate.
source code
str
mail_sign(mail, sender_private_key, sender_cert, keyring_source='file', type='PEM')
Signs the input mail data with input private key and input certificate.
source code
list
mail_verify(signed_mail, certstore_path, AUTO_SIGNED_CERT=False, type='PEM')
Verifies the input mail data against the certificates stored in file at certstore path.
source code
Function Details [hide private]

mail_encrypt(mail, recipient_cert, keyring_source='file', cypher='des_ede3_cbc')

source code 

Encrypts the input mail data with public key of input certificate.

Parameters:
  • mail (str) - mail text to encrypt.
  • recipient_cert (filepath or M2Crypto.BIO or M2Crypto.X509.X509) - the recipient certificate reference from filepath, could be from file, from memory or from pkcs11 smartcard, based on keyring_source input parameter.
  • keyring_source (str) - the type of the source for input certificate, used to recall the appropriate method for encrypter settings. Ammitted values are: file, memory, pkcs11.
  • cypher (str) - the cypher to use for encryption of the data, run "openssl enc -help" for supported cyphers, you have to choose a public key cypher from availables.
Returns: str
the encrypted data in PEM format with MIME header.

mail_decrypt(encrypted_mail, recipient_private_key, recipient_cert, keyring_source='file', type='PEM')

source code 

Decrypts the input mail data with input private key and input certificate.

Parameters:
  • encrypted_mail (str) - encrypted mail body to decrypt.
  • recipient_private_key (filepath or M2Crypto.BIO or M2Crypto.EVP.PKey) - recipient private key reference, could be from file, from memory or from pkcs11 smartcard, based on keyring_source input parameter.
  • recipient_cert (filepath or M2Crypto.BIO or M2Crypto.X509.X509) - recipient certificate, could be from filepath, from memory or from pkcs11 smartcard, based on keyring_source input parameter.
  • keyring_source (str) - the type of the source for input certificate, used to recall the appropriate method for decrypter settings. Ammitted values are: file, memory, pkcs11.
  • type (str) - specifies the type of input PKCS#7 data: PEM or DER
Returns: str
the decrypted data in plain form.

mail_sign(mail, sender_private_key, sender_cert, keyring_source='file', type='PEM')

source code 

Signs the input mail data with input private key and input certificate.

Parameters:
  • mail (str) - mail text to sign.
  • sender_private_key (filepath or M2Crypto.BIO or M2Crypto.EVP.PKey) - recipient private key reference, could be from file, from memory or from pkcs11 smartcard, based on keyring_source input parameter.
  • sender_cert (filepath or M2Crypto.BIO or M2Crypto.X509.X509) - recipient certificate, could be from filepath, from memory or from pkcs11 smartcard, based on keyring_source input parameter.
  • keyring_source (str) - the type of the source for input certificate, used to recall the appropriate method for decrypter settings. Ammitted values are: file, memory, pkcs11.
  • type (str) - specifies the type of output PKCS#7 data: PEM or DER
Returns: str
the signed data in PEM format with MIME header.

mail_verify(signed_mail, certstore_path, AUTO_SIGNED_CERT=False, type='PEM')

source code 

Verifies the input mail data against the certificates stored in file at certstore path.

Parameters:
  • signed_mail (str) - the signed mail text to verify.
  • certstore_path (filepath) - path to the file of the trusted certificates, for example /etc/ssl/certs/ca-certificats.crt.
  • AUTO_SIGNED_CERT (boolean) - to accept or not auto signed certificates as valid for verification.
  • type (str) - specifies the type of input PKCS#7 data: PEM or DER
Returns: list
list of the certificate of the signers verified.