# File Esign (fw-gear-file-esign)
## Overview
### Summary
*This gear enables users to digitally sign files within the Flywheel platform using RSA
encryption and multi-factor authentication (MFA). It supports signing text files, PDFs,
and binary files by embedding signatures appropriately into the file content or
metadata. The gear ensures the integrity and authenticity of files by allowing users to
verify the signatures.*
### Cite
No citation information provided.
### License
**License:** Apache License 2.0
### Classification
**Category:** Security
**Gear Level:**
- [x] Project
- [x] Subject
- [x] Session
- [x] Acquisition
- [x] Analysis
----
[[TOC]]
----
### Inputs
- **input_file**
- **Name**: input_file
- **Type**: file
- **Optional**: No
- **Classification**: Any
- **Description**: The file to be signed. It can be a text file, PDF, or binary
file.
- **Notes**: Ensure the file is correctly uploaded to the platform and accessible
by the gear.
### Config
- **mfa_code**
- **Name**: mfa_code
- **Type**: string
- **Optional**: No
- **Description**: The multi-factor authentication (MFA) code provided by the user
for verification.
- **Default**: None
- **signature_purpose**
- **Name**: signature_purpose
- **Type**: string
- **Optional**: No
- **Description**: The purpose or reason for signing the file.
- **Default**: "No reason provided"
- **debug**
- **Name**: debug
- **Type**: boolean
- **Description**: Enable Debugging
- **Default**: false
### Outputs
#### Files
*A list of output files generated by the gear:*
- **Signed File**
- **Name**: signed_file
- **Type**: file
- **Optional**: No
- **Classification**: Signed file
- **Description**: The input file signed with the user's digital signature.
- **Notes**: The signed file will be saved as a new file.
#### Metadata
*The gear may add or modify the following metadata:*
- For PDF files, the signature is embedded into the PDF's metadata, including the user
ID, timestamp, and signature purpose.
- For text files, the signature is embedded within the file content using zero-width
characters.
- For binary files, a signature file is included in the signed ZIP archive.
### Pre-requisites
This section contains any prerequisites.
#### Prerequisite Gear Runs
- No prerequisite gear runs required.
#### Prerequisite Files
- No prerequisite files required.
#### Prerequisite Metadata
- No specific metadata required.
## Usage
### Description
This gear enables users to digitally sign files within the Flywheel platform using RSA
encryption and multi-factor authentication (MFA). The user provides an MFA code for
authentication, and the gear retrieves the user's email address to associate the
signature with the user. The gear supports signing text files, PDFs, and binary files:
- **Text files** are signed by embedding the signature using zero-width characters
directly into the content of the file, including the signature purpose if provided.
- **PDF files** are signed by embedding the signature into the PDF's metadata,
including user ID, timestamp, and signature purpose.
- **Binary files** are signed by creating a signed ZIP archive containing the original
file and a signature file that includes the signature purpose.
The signed files can then be verified to ensure integrity and authenticity. The gear
ensures that only authenticated users can sign files, providing an additional layer of
security.
#### File Specifications
This section contains specifications on any input files that the gear may need.
##### File
*A description of the input file:*
- The input file to be signed. It can be any of the following:
- Text files (e.g., `.txt`, `.csv`, `.md`).
- PDF files (e.g., `.pdf`).
- Binary files (e.g., images, executables).
*The gear will handle the signing process appropriately based on the file type.*
### Workflow
A picture and description of the workflow.
```mermaid
graph LR;
A[Input File]:::input --> B[Upload];
B --> C[Parent Container<br>Project, Subject, etc];
C:::container --> D((File E-sign Gear));
D:::gear --> E[Signed File]:::container;
classDef container fill:#57d,color:#fff;
classDef input fill:#7a9,color:#fff;
classDef gear fill:#659,color:#fff;
```
Description of workflow
1. Upload file to container
1. Select file as input to gear
1. Geat places output in Analysis
### Configuration
> **Note**: The following configuration steps are managed by Flywheel Support.
Contact <support@flywheel.io> to ensure the gear is properly set up.
Flywheel Support will handle the following:
#### Dedicated Engine Setup
- Configure a dedicated static engine for this gear, ensuring all other gears are
blacklisted from running on this engine.
#### Key Pair Generation and Encoding
- Generate a unique public and private key pair using bin/keygen.py. The keys will
be securely stored in the Flywheel Customer Vault.
- Encode the keys using bin/encode_key.py for storage, and document the encoded keys.
#### Secrets Management
- Add the encoded keys to the instance's secrets.yaml file using SOPS encryption.
For more information on gear setup, please coordinate with the SSE team.
Raw data
{
"_id": null,
"home_page": "https://gitlab.com/flywheel-io/scientific-solutions/gears/file-esign",
"name": "fw-gear-file-esign",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.11",
"maintainer_email": null,
"keywords": "Flywheel, Gears",
"author": "Flywheel",
"author_email": "support@flywheel.io",
"download_url": null,
"platform": null,
"description": "# File Esign (fw-gear-file-esign)\n\n## Overview\n\n### Summary\n\n*This gear enables users to digitally sign files within the Flywheel platform using RSA\nencryption and multi-factor authentication (MFA). It supports signing text files, PDFs,\nand binary files by embedding signatures appropriately into the file content or\nmetadata. The gear ensures the integrity and authenticity of files by allowing users to\nverify the signatures.*\n\n### Cite\n\nNo citation information provided.\n\n### License\n\n**License:** Apache License 2.0\n\n### Classification\n\n**Category:** Security\n\n**Gear Level:**\n\n- [x] Project\n- [x] Subject\n- [x] Session\n- [x] Acquisition\n- [x] Analysis\n\n----\n\n[[TOC]]\n\n----\n\n### Inputs\n\n- **input_file**\n - **Name**: input_file\n - **Type**: file\n - **Optional**: No\n - **Classification**: Any\n - **Description**: The file to be signed. It can be a text file, PDF, or binary\n file.\n - **Notes**: Ensure the file is correctly uploaded to the platform and accessible\n by the gear.\n\n### Config\n\n- **mfa_code**\n - **Name**: mfa_code\n - **Type**: string\n - **Optional**: No\n - **Description**: The multi-factor authentication (MFA) code provided by the user\n for verification.\n - **Default**: None\n\n- **signature_purpose**\n - **Name**: signature_purpose\n - **Type**: string\n - **Optional**: No\n - **Description**: The purpose or reason for signing the file.\n - **Default**: \"No reason provided\"\n\n- **debug**\n - **Name**: debug\n - **Type**: boolean\n - **Description**: Enable Debugging\n - **Default**: false\n\n### Outputs\n\n#### Files\n\n*A list of output files generated by the gear:*\n\n- **Signed File**\n - **Name**: signed_file\n - **Type**: file\n - **Optional**: No\n - **Classification**: Signed file\n - **Description**: The input file signed with the user's digital signature.\n - **Notes**: The signed file will be saved as a new file.\n\n#### Metadata\n\n*The gear may add or modify the following metadata:*\n\n- For PDF files, the signature is embedded into the PDF's metadata, including the user\nID, timestamp, and signature purpose.\n- For text files, the signature is embedded within the file content using zero-width\ncharacters.\n- For binary files, a signature file is included in the signed ZIP archive.\n\n### Pre-requisites\n\nThis section contains any prerequisites.\n\n#### Prerequisite Gear Runs\n\n- No prerequisite gear runs required.\n\n#### Prerequisite Files\n\n- No prerequisite files required.\n\n#### Prerequisite Metadata\n\n- No specific metadata required.\n\n## Usage\n\n### Description\n\nThis gear enables users to digitally sign files within the Flywheel platform using RSA\nencryption and multi-factor authentication (MFA). The user provides an MFA code for\nauthentication, and the gear retrieves the user's email address to associate the\nsignature with the user. The gear supports signing text files, PDFs, and binary files:\n\n- **Text files** are signed by embedding the signature using zero-width characters\ndirectly into the content of the file, including the signature purpose if provided.\n- **PDF files** are signed by embedding the signature into the PDF's metadata,\nincluding user ID, timestamp, and signature purpose.\n- **Binary files** are signed by creating a signed ZIP archive containing the original\nfile and a signature file that includes the signature purpose.\n\nThe signed files can then be verified to ensure integrity and authenticity. The gear\nensures that only authenticated users can sign files, providing an additional layer of\nsecurity.\n\n#### File Specifications\n\nThis section contains specifications on any input files that the gear may need.\n\n##### File\n\n*A description of the input file:*\n\n- The input file to be signed. It can be any of the following:\n - Text files (e.g., `.txt`, `.csv`, `.md`).\n - PDF files (e.g., `.pdf`).\n - Binary files (e.g., images, executables).\n\n*The gear will handle the signing process appropriately based on the file type.*\n\n### Workflow\n\nA picture and description of the workflow.\n\n```mermaid\ngraph LR;\n A[Input File]:::input --> B[Upload];\n B --> C[Parent Container<br>Project, Subject, etc];\n C:::container --> D((File E-sign Gear));\n D:::gear --> E[Signed File]:::container;\n \n classDef container fill:#57d,color:#fff;\n classDef input fill:#7a9,color:#fff;\n classDef gear fill:#659,color:#fff;\n```\n\nDescription of workflow\n\n1. Upload file to container\n1. Select file as input to gear\n1. Geat places output in Analysis\n\n### Configuration\n\n> **Note**: The following configuration steps are managed by Flywheel Support.\nContact <support@flywheel.io> to ensure the gear is properly set up.\n\nFlywheel Support will handle the following:\n\n#### Dedicated Engine Setup\n\n- Configure a dedicated static engine for this gear, ensuring all other gears are\nblacklisted from running on this engine.\n\n#### Key Pair Generation and Encoding\n\n- Generate a unique public and private key pair using bin/keygen.py. The keys will\nbe securely stored in the Flywheel Customer Vault.\n- Encode the keys using bin/encode_key.py for storage, and document the encoded keys.\n\n#### Secrets Management\n\n- Add the encoded keys to the instance's secrets.yaml file using SOPS encryption.\n\nFor more information on gear setup, please coordinate with the SSE team.\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "file-esign is a gear for e-signing plaintext and pdf files. It uses MFA to authenticate the user and incorporates identity and timestamp into an e-signature of the file.",
"version": "0.1.1",
"project_urls": {
"Homepage": "https://gitlab.com/flywheel-io/scientific-solutions/gears/file-esign",
"Repository": "https://gitlab.com/flywheel-io/scientific-solutions/gears/file-esign"
},
"split_keywords": [
"flywheel",
" gears"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "896be56e93b0f5c5b5df2fba89fcf284e74cfcc91aef06373cd5e7c5b00e5fee",
"md5": "46b611c94bed84227cdd42e976709090",
"sha256": "caf4e70c17b4f053e75d58477c4d974f80db2554d0dc821baf714972e38c9247"
},
"downloads": -1,
"filename": "fw_gear_file_esign-0.1.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "46b611c94bed84227cdd42e976709090",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.11",
"size": 14463,
"upload_time": "2024-11-18T16:44:36",
"upload_time_iso_8601": "2024-11-18T16:44:36.484045Z",
"url": "https://files.pythonhosted.org/packages/89/6b/e56e93b0f5c5b5df2fba89fcf284e74cfcc91aef06373cd5e7c5b00e5fee/fw_gear_file_esign-0.1.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-11-18 16:44:36",
"github": false,
"gitlab": true,
"bitbucket": false,
"codeberg": false,
"gitlab_user": "flywheel-io",
"gitlab_project": "scientific-solutions",
"lcname": "fw-gear-file-esign"
}
JSON