pyhanko.sign.timestamps package
Submodules
pyhanko.sign.timestamps.aiohttp_client module
- class pyhanko.sign.timestamps.aiohttp_client.AIOHttpTimeStamper(url, session: ClientSession | LazySession, https=False, timeout=5, headers=None, auth: BasicAuth | None = None)
Bases:
TimeStamper
- async async_request_headers() dict
Format the HTTP request headers. Subclasses can override this to perform their own header generation logic.
- Returns:
Header dictionary.
- async get_session() ClientSession
- async async_timestamp(message_digest, md_algorithm) ContentInfo
Request a timestamp for the given message digest.
- Parameters:
message_digest – Message digest to which the timestamp will apply.
md_algorithm –
Message digest algorithm to use.
Note
As per RFC 8933,
md_algorithm
should also be the algorithm used to computemessage_digest
.
- Returns:
A timestamp token, encoded as an
asn1crypto.cms.ContentInfo
object.- Raises:
IOError – Raised in case of an I/O issue in the communication with the timestamping server.
TimestampRequestError – Raised if the timestamp server did not return a success response, or if the server’s response is invalid.
- async async_request_tsa_response(req: TimeStampReq) TimeStampResp
Submit the specified timestamp request to the server.
- Parameters:
req – Request body to submit.
- Returns:
A timestamp response from the server.
- Raises:
IOError – Raised in case of an I/O issue in the communication with the timestamping server.
pyhanko.sign.timestamps.api module
Module to handle the timestamping functionality in pyHanko.
Many PDF signature profiles require trusted timestamp tokens. The tools in this module allow pyHanko to obtain such tokens from RFC 3161-compliant time stamping authorities.
- class pyhanko.sign.timestamps.api.TimeStamper(include_nonce=True)
Bases:
object
Changed in version 0.9.0: Made API more asyncio-friendly _(breaking change)_
Class to make RFC 3161 timestamp requests.
- request_cms(message_digest, md_algorithm)
Format the body of an RFC 3161 request as a CMS object. Subclasses with more specific needs may want to override this.
- Parameters:
message_digest – Message digest to which the timestamp will apply.
md_algorithm –
Message digest algorithm to use.
Note
As per RFC 8933,
md_algorithm
should also be the algorithm used to computemessage_digest
.
- Returns:
An
asn1crypto.tsp.TimeStampReq
object.
- async validation_paths(validation_context)
Produce validation paths for the certificates gathered by this
TimeStamper
.This is internal API.
- Parameters:
validation_context – The validation context to apply.
- Returns:
An asynchronous generator of validation paths.
- async async_dummy_response(md_algorithm) ContentInfo
Return a dummy response for use in CMS object size estimation.
For every new
md_algorithm
passed in, this method will call thetimestamp()
method exactly once, with a dummy digest. The resulting object will be cached and reused for future invocations ofdummy_response()
with the samemd_algorithm
value.- Parameters:
md_algorithm – Message digest algorithm to use.
- Returns:
A timestamp token, encoded as an
asn1crypto.cms.ContentInfo
object.
- async async_request_tsa_response(req: TimeStampReq) TimeStampResp
Submit the specified timestamp request to the server.
- Parameters:
req – Request body to submit.
- Returns:
A timestamp response from the server.
- Raises:
IOError – Raised in case of an I/O issue in the communication with the timestamping server.
- async async_timestamp(message_digest, md_algorithm) ContentInfo
Request a timestamp for the given message digest.
- Parameters:
message_digest – Message digest to which the timestamp will apply.
md_algorithm –
Message digest algorithm to use.
Note
As per RFC 8933,
md_algorithm
should also be the algorithm used to computemessage_digest
.
- Returns:
A timestamp token, encoded as an
asn1crypto.cms.ContentInfo
object.- Raises:
IOError – Raised in case of an I/O issue in the communication with the timestamping server.
TimestampRequestError – Raised if the timestamp server did not return a success response, or if the server’s response is invalid.
pyhanko.sign.timestamps.common_utils module
- exception pyhanko.sign.timestamps.common_utils.TimestampRequestError
Bases:
OSError
Raised when an error occurs while requesting a timestamp.
- pyhanko.sign.timestamps.common_utils.get_nonce()
- pyhanko.sign.timestamps.common_utils.extract_ts_certs(ts_token, store: CertificateStore)
- pyhanko.sign.timestamps.common_utils.dummy_digest(md_algorithm: str) bytes
- pyhanko.sign.timestamps.common_utils.handle_tsp_response(response: TimeStampResp, nonce: bytes | None) ContentInfo
- pyhanko.sign.timestamps.common_utils.set_tsp_headers(headers: dict)
pyhanko.sign.timestamps.dummy_client module
- class pyhanko.sign.timestamps.dummy_client.DummyTimeStamper(tsa_cert: Certificate, tsa_key: PrivateKeyInfo, certs_to_embed: CertificateStore | None = None, fixed_dt: datetime | None = None, include_nonce=True, override_md=None)
Bases:
TimeStamper
Timestamper that acts as its own TSA. It accepts all requests and signs them using the certificate provided. Used for testing purposes.
- request_tsa_response(req: TimeStampReq) TimeStampResp
- async async_request_tsa_response(req: TimeStampReq) TimeStampResp
Submit the specified timestamp request to the server.
- Parameters:
req – Request body to submit.
- Returns:
A timestamp response from the server.
- Raises:
IOError – Raised in case of an I/O issue in the communication with the timestamping server.
pyhanko.sign.timestamps.requests_client module
- class pyhanko.sign.timestamps.requests_client.HTTPTimeStamper(url, https=False, timeout=5, auth=None, headers=None)
Bases:
TimeStamper
Standard HTTP-based timestamp client.
- request_headers() dict
Format the HTTP request headers.
- Returns:
Header dictionary.
- async async_request_tsa_response(req: TimeStampReq) TimeStampResp
Submit the specified timestamp request to the server.
- Parameters:
req – Request body to submit.
- Returns:
A timestamp response from the server.
- Raises:
IOError – Raised in case of an I/O issue in the communication with the timestamping server.