pyhanko.sign.attributes module

class pyhanko.sign.attributes.SignedAttributeProviderSpec

Bases: ABC

New in version 0.14.0.

Interface for setting up signed attributes, independently of the Signer hierarchy.

signed_attr_providers(data_digest: bytes, digest_algorithm: str) → Iterable[CMSAttributeProvider]

Lazily set up signed attribute providers.

Parameters

data_digest – The digest of the data to be signed.
digest_algorithm – The digest algorithm used.

class pyhanko.sign.attributes.UnsignedAttributeProviderSpec

Bases: ABC

New in version 0.14.0.

Interface for setting up unsigned attributes, independently of the Signer hierarchy.

unsigned_attr_providers(signature: bytes, signed_attrs: CMSAttributes, digest_algorithm: str) → Iterable[CMSAttributeProvider]

Lazily set up unsigned attribute providers.

Parameters

signature – The signature computed over the signed attributes.
signed_attrs – Signed attributes over which the signature was taken.
digest_algorithm – The digest algorithm used.

class pyhanko.sign.attributes.CMSAttributeProvider

Bases: object

Base class to provide asynchronous CMS attribute values.

attribute_type: str: Name of the CMS attribute type this provider supplies. See cms.CMSAttributeType.

async build_attr_value(dry_run=False)

Build the attribute value asynchronously.

Parameters: dry_run – True if the signer is operating in dry-run (size estimation) mode.
Returns: An attribute value appropriate for the attribute type.

async get_attribute(dry_run=False) → Optional[CMSAttribute]

class pyhanko.sign.attributes.SigningTimeProvider(timestamp: datetime)

Bases: CMSAttributeProvider

Provide a value for the signing-time attribute (i.e. an otherwise unauthenticated timestamp).

Parameters: timestamp – Datetime object to include.

attribute_type: str = 'signing_time': Name of the CMS attribute type this provider supplies. See cms.CMSAttributeType.

async build_attr_value(dry_run=False) → Time

Build the attribute value asynchronously.

Parameters: dry_run – True if the signer is operating in dry-run (size estimation) mode.
Returns: An attribute value appropriate for the attribute type.

class pyhanko.sign.attributes.SigningCertificateV2Provider(signing_cert: Certificate)

Bases: CMSAttributeProvider

Provide a value for the signing-certificate-v2 attribute.

Parameters: signing_cert – Certificate containing the signer’s public key.

attribute_type: str = 'signing_certificate_v2': Name of the CMS attribute type this provider supplies. See cms.CMSAttributeType.

async build_attr_value(dry_run=False) → SigningCertificateV2

Build the attribute value asynchronously.

Parameters: dry_run – True if the signer is operating in dry-run (size estimation) mode.
Returns: An attribute value appropriate for the attribute type.

class pyhanko.sign.attributes.AdobeRevinfoProvider(value: RevocationInfoArchival)

Bases: CMSAttributeProvider

Yield Adobe-style revocation information for inclusion into a CMS object.

Parameters: value – A (pre-formatted) RevocationInfoArchival object.

attribute_type: str = 'adobe_revocation_info_archival': Name of the CMS attribute type this provider supplies. See cms.CMSAttributeType.

async build_attr_value(dry_run=False) → Optional[RevocationInfoArchival]

Build the attribute value asynchronously.

Parameters: dry_run – True if the signer is operating in dry-run (size estimation) mode.
Returns: An attribute value appropriate for the attribute type.

class pyhanko.sign.attributes.CMSAlgorithmProtectionProvider(digest_algo: str, signature_algo: SignedDigestAlgorithm)

Bases: CMSAttributeProvider

attribute_type: str = 'cms_algorithm_protection': Name of the CMS attribute type this provider supplies. See cms.CMSAttributeType.

async build_attr_value(dry_run=False) → CMSAlgorithmProtection

Build the attribute value asynchronously.

Parameters: dry_run – True if the signer is operating in dry-run (size estimation) mode.
Returns: An attribute value appropriate for the attribute type.

class pyhanko.sign.attributes.TSTProvider(digest_algorithm: str, data_to_ts: bytes, timestamper: TimeStamper, attr_type: str = 'signature_time_stamp_token', prehashed=False)

Bases: CMSAttributeProvider

attribute_type: str: Name of the CMS attribute type this provider supplies. See cms.CMSAttributeType.

async build_attr_value(dry_run=False) → ContentInfo

Build the attribute value asynchronously.

Parameters: dry_run – True if the signer is operating in dry-run (size estimation) mode.
Returns: An attribute value appropriate for the attribute type.