Package pysmime :: Module core
[hide private]
[frames] | no frames]

Module core

source code

Core functions to verify, sign, encrypt and decrypt SMIME data, build just on top of M2Crypto library wrapper to OpenSSL.

Classes [hide private]
  BadPKCS7Type
Exception raised if requested PKCS#7 type is not valid.
  CertStoreNotAvailable
Exception raised if the reference certstore for verification is not available.
  MissingSignerCertificate
Exception raised if the input PKCS#7 is not a signed PKCS#7.
Functions [hide private]
M2Crypto.SMIME.PKCS7
encrypt(input_bio, cert, keyring_source, cypher)
Encrypts the input data with the public key in the certificate from keyring source with selected cypher.
source code
str
decrypt(input_bio, private_key, cert, keyring_source, type)
Decrypts the input data with the private key and the certificate from keyring source.
source code
M2Crypto.SMIME.PKCS7
sign(input_bio, private_key, cert, keyring_source, type)
Signs the input data with the private key and the certificate from keyring source.
source code
list or None
verify(input_bio, certstore_path, AUTO_SIGNED_CERT, type)
Retrieves X.509 certificate from input data and verifies signed message using as certificate store input certstore, inspired by: http://code.activestate.com/recipes/285211/.
source code
Function Details [hide private]

encrypt(input_bio, cert, keyring_source, cypher)

source code 

Encrypts the input data with the public key in the certificate from keyring source with selected cypher.

Parameters:
  • input_bio (M2Crypto.BIO) - input data to encrypt.
  • cert (filepath or M2Crypto.BIO or M2Crypto.X509.X509) - the recipient certificate reference from filepath, could be from file, from memory or from pkcs11 smartcard, based on keyring_soruce input parameter.
  • keyring_source (str) - the type of the source for input certificate, used to recall the appropriate method for encrypter settings. Ammitted values are: file, memory, pkcs11.
  • cypher (str) - the cypher to use for encryption of the data, run "openssl enc -help" for supported cyphers, you have to choose a public key cypher from availables.
Returns: M2Crypto.SMIME.PKCS7
the PKCS#7 encrypted data in PEM format.

decrypt(input_bio, private_key, cert, keyring_source, type)

source code 

Decrypts the input data with the private key and the certificate from keyring source.

Parameters:
  • input_bio (M2Crypto.BIO) - input data to sign.
  • private_key (filepath or M2Crypto.BIO or M2Crypto.EVP.PKey) - recipient private key reference, could be from file, from memory or from pkcs11 smartcard, based on keyring_soruce input parameter.
  • cert (filepath or M2Crypto.BIO or M2Crypto.X509.X509) - recipient certificate, could be from filepath, from memory or from pkcs11 smartcard, based on keyring_soruce input parameter.
  • keyring_source (str) - the type of the source for input certificate, used to recall the appropriate method for decrypter settings. Ammitted values are: file, memory, pkcs11.
  • type (str) - specifies the type of input PKCS#7 data: PEM or DER
Returns: str
the decrypted data in plain form.
Raises:
  • BadPKCS7Type - The requested PKCS#7 type is not valid. Ammitted values are PEM and DER.

sign(input_bio, private_key, cert, keyring_source, type)

source code 

Signs the input data with the private key and the certificate from keyring source.

Parameters:
  • input_bio (M2Crypto.BIO) - input data to sign.
  • private_key (filepath or M2Crypto.BIO or M2Crypto.EVP.PKey) - sender private key reference, could be from file, from memory or from pkcs11 smartcard, based on keyring_soruce input parameter.
  • cert (filepath or M2Crypto.BIO or M2Crypto.X509.X509) - sender certificate, could be from filepath, from memory or from pkcs11 smartcard, based on keyring_soruce input parameter.
  • keyring_source (str) - the type of the source for input certificate, used to recall the appropriate method for signer settings. Ammitted values are: file, memory, pkcs11.
  • type (str) - specifies the type of output PKCS#7 data: PEM or DER
Returns: M2Crypto.SMIME.PKCS7
the PKCS#7 signed data in PEM or DER format.

verify(input_bio, certstore_path, AUTO_SIGNED_CERT, type)

source code 

Retrieves X.509 certificate from input data and verifies signed message using as certificate store input certstore, inspired by: http://code.activestate.com/recipes/285211/.

Parameters:
  • input_bio (M2Crypto.BIO) - input data to verify
  • certstore_path (filepath) - path to the file of the trusted certificates, for example /etc/ssl/certs/ca-certificats.crt.
  • type (str) - specifies the type of input PKCS#7 data: PEM or DER
  • AUTOSIGNED_CERT - to accept or not auto signed certificates as valid for verification.
  • AUTO_SIGNED_CERT (boolean)
Returns: list or None
a list of verified certificates retrieved from the original data if verification success, else None.
Raises: