How to use the pgpy.constants.SignatureType function in PGPy

To help you get started, we’ve selected a few PGPy examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github SecurityInnovation / PGPy / tests / test_05_actions.py View on Github external
def test_sign_ctmessage(self, targette_sec, targette_pub, ctmessage):
        # test signing a cleartext message
        expire_at = datetime.utcnow() + timedelta(days=1)

        sig = targette_sec.sign(ctmessage, expires=expire_at)

        assert sig.type == SignatureType.CanonicalDocument
        assert sig.revocable
        assert sig.is_expired is False

        ctmessage |= sig

        if gpg:
            # verify with GnuPG
            self.gpg_verify(ctmessage, pubkey=targette_pub)
github SecurityInnovation / PGPy / tests / test_05_actions.py View on Github external
def test_sign_string(self, targette_sec, targette_pub, string):
        # test signing a string
        # test with all possible subpackets
        sig = targette_sec.sign(string,
                                user=targette_sec.userids[0].name,
                                expires=timedelta(seconds=30),
                                revocable=False,
                                notation={'Testing': 'This signature was generated during unit testing',
                                          'cooldude': bytearray(b'\xc0\x01\xd0\x0d')},
                                policy_uri='about:blank')

        assert sig.type == SignatureType.BinaryDocument
        assert sig.notation == {'Testing': 'This signature was generated during unit testing',
                                'cooldude': bytearray(b'\xc0\x01\xd0\x0d')}

        assert sig.revocable is False
        assert sig.policy_uri == 'about:blank'
        # assert sig.sig.signer_uid == "{:s}".format(sec.userids[0])
        assert next(iter(sig._signature.subpackets['SignersUserID'])).userid == "{:s}".format(targette_sec.userids[0])
        # if not sig.is_expired:
        #     time.sleep((sig.expires_at - datetime.utcnow()).total_seconds())
        assert sig.is_expired is False

        self.sigs['string'] = sig

        if gpg:
            # verify with GnuPG
            self.gpg_verify(string, sig, targette_pub)
github SecurityInnovation / PGPy / tests / test_05_actions.py View on Github external
def test_sign_standalone(self, sec):
        # test creating a standalone signature
        with warnings.catch_warnings():
            warnings.simplefilter('ignore')
            sig = sec.sign(None, notation={"cheese status": "standing alone"})

        assert sig.type == SignatureType.Standalone
        assert sig.notation == {"cheese status": "standing alone"}
        self.sigs[(sec._key.fingerprint.keyid, 'standalone')] = sig
github SecurityInnovation / PGPy / pgpy / pgp.py View on Github external
:keyword reason: Defaults to :py:obj:`constants.RevocationReason.NotSpecified`
        :type reason: One of :py:obj:`constants.RevocationReason`.
        :keyword comment: Defaults to an empty string.
        :type comment: ``str``
        """
        hash_algo = prefs.pop('hash', None)
        if isinstance(target, PGPUID):
            sig_type = SignatureType.CertRevocation

        elif isinstance(target, PGPKey):
            ##TODO: check to make sure that the key that is being revoked:
            #        - is this key
            #        - is one of this key's subkeys
            #        - specifies this key as its revocation key
            if target.is_primary:
                sig_type = SignatureType.KeyRevocation

            else:
                sig_type = SignatureType.SubkeyRevocation

        else:  # pragma: no cover
            raise TypeError

        sig = PGPSignature.new(sig_type, self.key_algorithm, hash_algo, self.fingerprint.keyid, created=prefs.pop('created', None))

        # signature options that only make sense when revoking
        reason = prefs.pop('reason', RevocationReason.NotSpecified)
        comment = prefs.pop('comment', "")
        sig._signature.subpackets.addnew('ReasonForRevocation', hashed=True, code=reason, string=comment)

        return self._sign(target, sig, **prefs)
github SecurityInnovation / PGPy / pgpy / pgp.py View on Github external
flags = NotationDataFlags.HumanReadable
                if isinstance(value, bytearray):
                    flags = 0x00

                sig._signature.subpackets.addnew('NotationData', hashed=True, flags=flags, name=name, value=value)

        if policy_uri is not None:
            sig._signature.subpackets.addnew('Policy', hashed=True, uri=policy_uri)

        if user is not None and uid is not None:
            signers_uid = "{:s}".format(uid)
            sig._signature.subpackets.addnew('SignersUserID', hashed=True, userid=signers_uid)

        # handle an edge case for timestamp signatures vs standalone signatures
        if sig.type == SignatureType.Timestamp and len(sig._signature.subpackets._hashed_sp) > 1:
            sig._signature.sigtype = SignatureType.Standalone

        if prefs.pop('include_issuer_fingerprint', True):
            if isinstance(self._key, PrivKeyV4):
                sig._signature.subpackets.addnew('IssuerFingerprint', hashed=True, _version=4, _issuer_fpr=self.fingerprint)

        sigdata = sig.hashdata(subject)
        h2 = sig.hash_algorithm.hasher
        h2.update(sigdata)
        sig._signature.hash2 = bytearray(h2.digest()[:2])

        _sig = self._key.sign(sigdata, getattr(hashes, sig.hash_algorithm.name)())
        if _sig is NotImplemented:
            raise NotImplementedError(self.key_algorithm)

        sig._signature.signature.from_signer(_sig)
        sig._signature.update_hlen()
github SecurityInnovation / PGPy / pgpy / pgp.py View on Github external
def attested_certifications(self):
        """
        Returns a set of all the hashes of attested certifications covered by this Attestation Key Signature.

        Unhashed subpackets are ignored.
        """
        if self._signature.sigtype != SignatureType.Attestation:
            return set()
        ret = set()
        hlen = self.hash_algorithm.digest_size
        for n in self._signature.subpackets['h_AttestedCertifications']:
            attestations = bytes(n.attested_certifications)
            for i in range(0, len(attestations), hlen):
                ret.add(attestations[i:i+hlen])
        return ret
github SecurityInnovation / PGPy / pgpy / pgp.py View on Github external
:type created: :py:obj:`~datetime.datetime`
        :keyword intended_recipients: Specify a list of :py:obj:`PGPKey` objects that will be encrypted to.
        :type intended_recipients: ``list``
        :keyword include_issuer_fingerprint: Whether to include a hashed subpacket indicating the issuer fingerprint.
                                             (only for v4 keys, defaults to True)
        :type include_issuer_fingerprint: ``bool``
        """
        sig_type = SignatureType.BinaryDocument
        hash_algo = prefs.pop('hash', None)

        if subject is None:
            sig_type = SignatureType.Timestamp

        if isinstance(subject, PGPMessage):
            if subject.type == 'cleartext':
                sig_type = SignatureType.CanonicalDocument

            subject = subject.message

        sig = PGPSignature.new(sig_type, self.key_algorithm, hash_algo, self.fingerprint.keyid, created=prefs.pop('created', None))

        return self._sign(subject, sig, **prefs)
github SecurityInnovation / PGPy / pgpy / packet / packets.py View on Github external
def sigtype_int(self, val):
        self._sigtype = SignatureType(val)
github SecurityInnovation / PGPy / pgpy / pgp.py View on Github external
:type policy_uri: ``str``
        :keyword revocable: If ``False``, this signature will be marked non-revocable
        :type revocable: ``bool``
        :keyword user: Specify which User ID to use when creating this signature. Also adds a "Signer's User ID"
                       to the signature.
        :type user: ``str``
        :keyword created: Specify the time that the signature should be made.  If unset or None,
                          it will use the present time.
        :type created: :py:obj:`~datetime.datetime`
        :keyword intended_recipients: Specify a list of :py:obj:`PGPKey` objects that will be encrypted to.
        :type intended_recipients: ``list``
        :keyword include_issuer_fingerprint: Whether to include a hashed subpacket indicating the issuer fingerprint.
                                             (only for v4 keys, defaults to True)
        :type include_issuer_fingerprint: ``bool``
        """
        sig_type = SignatureType.BinaryDocument
        hash_algo = prefs.pop('hash', None)

        if subject is None:
            sig_type = SignatureType.Timestamp

        if isinstance(subject, PGPMessage):
            if subject.type == 'cleartext':
                sig_type = SignatureType.CanonicalDocument

            subject = subject.message

        sig = PGPSignature.new(sig_type, self.key_algorithm, hash_algo, self.fingerprint.keyid, created=prefs.pop('created', None))

        return self._sign(subject, sig, **prefs)