tsp-client


Nametsp-client JSON
Version 0.2.1 PyPI version JSON
download
home_pagehttps://github.com/pyauth/tsp-client
SummaryAn IETF Time-Stamp Protocol (TSP) (RFC 3161) client
upload_time2024-12-01 18:47:30
maintainerNone
docs_urlNone
authorAndrey Kislyuk
requires_pythonNone
licenseApache Software License
keywords
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            tsp-client: An IETF Time-Stamp Protocol (TSP) (RFC 3161) client
===============================================================
tsp-client is an implementation of the `RFC 3161 <https://www.rfc-editor.org/rfc/rfc3161.html>`_ TSP protocol in Python.

TSP is used for point-in-time attestation and non-repudiation as part of various electronic signature and code signing
schemes, including `eIDAS <https://en.wikipedia.org/wiki/EIDAS>`_ `XAdES <https://en.wikipedia.org/wiki/XAdES>`_
(tsp-client is used by `SignXML <https://github.com/XML-Security/signxml>`_ to implement XAdES).

Installation
------------
::

    pip install tsp-client

Synopsis
--------

.. code-block:: python

    from tsp_client import TSPSigner, TSPVerifier

    # Sign a message online by transmitting its digest to the timestamp authority
    message = b"abc"
    signer = TSPSigner()
    signed = signer.sign(message)  # Returns raw bytes of the verified timestamp token.

    # Verify a presented timestamp token offline using the original message
    verified = TSPVerifier().verify(signed, message=message)

    # Or sign and verify using the message digest (digest algorithm may vary)
    import hashlib

    digest = hashlib.sha512(message).digest()
    
    signer.sign(message_digest=digest)
    verified = TSPVerifier().verify(signed, message_digest=digest)

    print(verified.tst_info)  # Parsed TSTInfo (CMS SignedData) structure
    print(verified.signed_attrs)  # Parsed CMS SignedAttributes structure

Specifying a custom TSA
~~~~~~~~~~~~~~~~~~~~~~~
To provide a timestamped signature with non-repudiation verifiable via a chain of trust, TSP requires the use of a TSA
(time-stamp authority) server when generating timestamp tokens. TSA servers can be thought of as digital notaries.
Verification of tokens can be done offline using your system's certificate authority (CA) trust store.

By default, tsp-client uses the `DigiCert TSA server
<https://knowledge.digicert.com/generalinformation/INFO4231.html>`_ when signing tokens. To use a different TSA, set the
``SigningSettings.tsp_server`` attribute as follows:

.. code-block:: python

    from tsp_client import TSPSigner, TSPVerifier, SigningSettings
    signing_settings = SigningSettings(tsp_server="http://timestamp.identrust.com")
    signer = TSPSigner()
    signed = signer.sign(message, signing_settings=signing_settings)

There is currently no credible public TSA that offers HTTPS transport security and does not apply throttling. DigiCert
provides a relatively high throughput public TSA endpoint, but your message digests and tokens will be transmitted
unencrypted over the network. As an alternative, Sectigo offers an HTTPS TSA (``https://timestamp.sectigo.com``) but
applies throttling so is only suitable for low throughput applications.

The European Union maintains a list of trusted TSAs as part of the `eIDAS dashboard
<https://esignature.ec.europa.eu/efda/tl-browser/>`_, however this list only serves as a root of trust and does not link
directly to the TSA endpoints of listed providers.

Authors
-------
* Andrey Kislyuk

Links
-----
* `Project home page (GitHub) <https://github.com/pyauth/tsp-client>`_
* `Documentation <https://pyauth.github.io/tsp-client/>`_
* `Package distribution (PyPI) <https://pypi.python.org/pypi/tsp-client>`_
* `Change log <https://github.com/pyauth/tsp-client/blob/master/Changes.rst>`_
* `IETF RFC 3161: Time-Stamp Protocol (TSP) <https://www.rfc-editor.org/rfc/rfc3161.html>`_

Bugs
~~~~
Please report bugs, issues, feature requests, etc. on `GitHub <https://github.com/pyauth/tsp-client/issues>`_.

License
-------
Copyright 2022-2023, Andrey Kislyuk and tsp-client contributors. Licensed under the terms of the
`Apache License, Version 2.0 <http://www.apache.org/licenses/LICENSE-2.0>`_. Distribution of the LICENSE and NOTICE
files with source copies of this package and derivative works is **REQUIRED** as specified by the Apache License.

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/pyauth/tsp-client",
    "name": "tsp-client",
    "maintainer": null,
    "docs_url": null,
    "requires_python": null,
    "maintainer_email": null,
    "keywords": null,
    "author": "Andrey Kislyuk",
    "author_email": "kislyuk@gmail.com",
    "download_url": "https://files.pythonhosted.org/packages/a8/da/102a7b02b9fc3b1b1cd2cb407c7907c3c6757deecec8470d0594f32991ca/tsp_client-0.2.1.tar.gz",
    "platform": "MacOS X",
    "description": "tsp-client: An IETF Time-Stamp Protocol (TSP) (RFC 3161) client\n===============================================================\ntsp-client is an implementation of the `RFC 3161 <https://www.rfc-editor.org/rfc/rfc3161.html>`_ TSP protocol in Python.\n\nTSP is used for point-in-time attestation and non-repudiation as part of various electronic signature and code signing\nschemes, including `eIDAS <https://en.wikipedia.org/wiki/EIDAS>`_ `XAdES <https://en.wikipedia.org/wiki/XAdES>`_\n(tsp-client is used by `SignXML <https://github.com/XML-Security/signxml>`_ to implement XAdES).\n\nInstallation\n------------\n::\n\n    pip install tsp-client\n\nSynopsis\n--------\n\n.. code-block:: python\n\n    from tsp_client import TSPSigner, TSPVerifier\n\n    # Sign a message online by transmitting its digest to the timestamp authority\n    message = b\"abc\"\n    signer = TSPSigner()\n    signed = signer.sign(message)  # Returns raw bytes of the verified timestamp token.\n\n    # Verify a presented timestamp token offline using the original message\n    verified = TSPVerifier().verify(signed, message=message)\n\n    # Or sign and verify using the message digest (digest algorithm may vary)\n    import hashlib\n\n    digest = hashlib.sha512(message).digest()\n    \n    signer.sign(message_digest=digest)\n    verified = TSPVerifier().verify(signed, message_digest=digest)\n\n    print(verified.tst_info)  # Parsed TSTInfo (CMS SignedData) structure\n    print(verified.signed_attrs)  # Parsed CMS SignedAttributes structure\n\nSpecifying a custom TSA\n~~~~~~~~~~~~~~~~~~~~~~~\nTo provide a timestamped signature with non-repudiation verifiable via a chain of trust, TSP requires the use of a TSA\n(time-stamp authority) server when generating timestamp tokens. TSA servers can be thought of as digital notaries.\nVerification of tokens can be done offline using your system's certificate authority (CA) trust store.\n\nBy default, tsp-client uses the `DigiCert TSA server\n<https://knowledge.digicert.com/generalinformation/INFO4231.html>`_ when signing tokens. To use a different TSA, set the\n``SigningSettings.tsp_server`` attribute as follows:\n\n.. code-block:: python\n\n    from tsp_client import TSPSigner, TSPVerifier, SigningSettings\n    signing_settings = SigningSettings(tsp_server=\"http://timestamp.identrust.com\")\n    signer = TSPSigner()\n    signed = signer.sign(message, signing_settings=signing_settings)\n\nThere is currently no credible public TSA that offers HTTPS transport security and does not apply throttling. DigiCert\nprovides a relatively high throughput public TSA endpoint, but your message digests and tokens will be transmitted\nunencrypted over the network. As an alternative, Sectigo offers an HTTPS TSA (``https://timestamp.sectigo.com``) but\napplies throttling so is only suitable for low throughput applications.\n\nThe European Union maintains a list of trusted TSAs as part of the `eIDAS dashboard\n<https://esignature.ec.europa.eu/efda/tl-browser/>`_, however this list only serves as a root of trust and does not link\ndirectly to the TSA endpoints of listed providers.\n\nAuthors\n-------\n* Andrey Kislyuk\n\nLinks\n-----\n* `Project home page (GitHub) <https://github.com/pyauth/tsp-client>`_\n* `Documentation <https://pyauth.github.io/tsp-client/>`_\n* `Package distribution (PyPI) <https://pypi.python.org/pypi/tsp-client>`_\n* `Change log <https://github.com/pyauth/tsp-client/blob/master/Changes.rst>`_\n* `IETF RFC 3161: Time-Stamp Protocol (TSP) <https://www.rfc-editor.org/rfc/rfc3161.html>`_\n\nBugs\n~~~~\nPlease report bugs, issues, feature requests, etc. on `GitHub <https://github.com/pyauth/tsp-client/issues>`_.\n\nLicense\n-------\nCopyright 2022-2023, Andrey Kislyuk and tsp-client contributors. Licensed under the terms of the\n`Apache License, Version 2.0 <http://www.apache.org/licenses/LICENSE-2.0>`_. Distribution of the LICENSE and NOTICE\nfiles with source copies of this package and derivative works is **REQUIRED** as specified by the Apache License.\n",
    "bugtrack_url": null,
    "license": "Apache Software License",
    "summary": "An IETF Time-Stamp Protocol (TSP) (RFC 3161) client",
    "version": "0.2.1",
    "project_urls": {
        "Change log": "https://github.com/pyauth/tsp-client/blob/main/Changes.rst",
        "Documentation": "https://pyauth.github.io/tsp-client/",
        "Homepage": "https://github.com/pyauth/tsp-client",
        "Issue tracker": "https://github.com/pyauth/tsp-client/issues"
    },
    "split_keywords": [],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "fc7ab1fdeda5ab0a692bb362759229edc7ea8b9c3822e5b6a9029e8de76c2a4f",
                "md5": "2648129c8b813f33ebb5f35ae8e0f253",
                "sha256": "db7f98e26ac370f5aab0055f74e7b3e4fd5245ef2f57cc56db3caa2694b82fd6"
            },
            "downloads": -1,
            "filename": "tsp_client-0.2.1-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "2648129c8b813f33ebb5f35ae8e0f253",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": null,
            "size": 13300,
            "upload_time": "2024-12-01T18:47:28",
            "upload_time_iso_8601": "2024-12-01T18:47:28.868858Z",
            "url": "https://files.pythonhosted.org/packages/fc/7a/b1fdeda5ab0a692bb362759229edc7ea8b9c3822e5b6a9029e8de76c2a4f/tsp_client-0.2.1-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "a8da102a7b02b9fc3b1b1cd2cb407c7907c3c6757deecec8470d0594f32991ca",
                "md5": "71141fdfe39897b1e71e0dae4dcb2546",
                "sha256": "415ff89aa15775533801bb18bd6b287f30a293d976b8fbb4d30f48873af41ba4"
            },
            "downloads": -1,
            "filename": "tsp_client-0.2.1.tar.gz",
            "has_sig": false,
            "md5_digest": "71141fdfe39897b1e71e0dae4dcb2546",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 17334,
            "upload_time": "2024-12-01T18:47:30",
            "upload_time_iso_8601": "2024-12-01T18:47:30.630527Z",
            "url": "https://files.pythonhosted.org/packages/a8/da/102a7b02b9fc3b1b1cd2cb407c7907c3c6757deecec8470d0594f32991ca/tsp_client-0.2.1.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-12-01 18:47:30",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "pyauth",
    "github_project": "tsp-client",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": true,
    "lcname": "tsp-client"
}
        
Elapsed time: 0.36352s