pyhanko.sign.ades.api module

class pyhanko.sign.ades.api.GenericCommitment(value)

Bases: enum.Enum

An enumeration.

PROOF_OF_ORIGIN = 1
PROOF_OF_RECEIPT = 2
PROOF_OF_DELIVERY = 3
PROOF_OF_SENDER = 4
PROOF_OF_APPROVAL = 5
PROOF_OF_CREATION = 6
property asn1: pyhanko.sign.ades.cades_asn1.CommitmentTypeIndication
class pyhanko.sign.ades.api.CAdESSignedAttrSpec(commitment_type: Optional[pyhanko.sign.ades.cades_asn1.CommitmentTypeIndication] = None, timestamp_content: bool = False, signature_policy_identifier: Optional[pyhanko.sign.ades.cades_asn1.SignaturePolicyIdentifier] = None)

Bases: object

Class that controls signed CAdES attributes on a PDF signature.

commitment_type: Optional[pyhanko.sign.ades.cades_asn1.CommitmentTypeIndication] = None

Signature commitment type. Can be one of the standard values, or a custom one.

timestamp_content: bool = False

Indicate whether the signature should include a signed timestamp.

Note

This should be contrasted with unsigned timestamps: a signed timestamp proves that the signature was created after some point in time, while an unsigned timestamp computed over the signed content proves that the signature existed before said point in time.

signature_policy_identifier: Optional[pyhanko.sign.ades.cades_asn1.SignaturePolicyIdentifier] = None

Signature policy identifier to embed into the signature.

Warning

Right now, pyHanko does not “understand” signature policies, so the signature policy identifier will be taken at face value and embedded without paying any heed to the actual rules of the signature policy. It is the API user’s responsibility to make sure that all relevant provisions of the signature policy are adhered to.

extra_signed_attributes(message_digest, md_algorithm, timestamper: Optional[pyhanko.sign.timestamps.TimeStamper] = None, dry_run=False)