dsse
====

.. py:module:: dsse


Exceptions
----------

.. autoapisummary::

   dsse.DSSEError


Classes
-------

.. autoapisummary::

   dsse.DSSE


Module Contents
---------------

.. py:exception:: DSSEError

   Bases: :py:obj:`Exception`


   Common base class for all non-exit exceptions.


.. py:class:: DSSE(body: str | bytes, payload_type: str)

   DSSE: Dead Simple Signing Envelope.

   The current implementation relies on openssl tool.


   .. py:attribute:: payload_type


   .. py:attribute:: signatures
      :type:  list[dict[str, str]]
      :value: []



   .. py:method:: sign(key_id: str, private_key: str) -> str

      Sign the payload using openssl X509 certificate.

      :param key_id: the key id (used by end-user to identify which key to use
          for verification).
      :param private_key: path to file containing the private key
      :return: return the signature as base64 string



   .. py:method:: verify(certificate: str) -> bool

      Preliminary check on the signature.

      The current algorithm is to check that at least one signature correspond
      to the certificate given as parameter. This part should be improved

      :param certificate: path to the certificate containing the public key
      :return: True if one of the signature can be checked with the certificate



   .. py:property:: payload
      :type: str


      Return the content to sign as base64 string.

      :return: a base64 string representing the content



   .. py:property:: pae
      :type: bytes


      Return the Pre-Authentication Encoding.

      This is the content that is really signed



   .. py:method:: as_dict() -> dict

      Return the dict representing the DSSE envelope.



   .. py:method:: as_json() -> str

      Return the DSSE envelope.



   .. py:method:: load_json(envelope: str) -> DSSE
      :classmethod:


      Load a json DSSE string and return a Python DSSE object.

      :param envelope: the json envelope



   .. py:method:: load_dict(envelope: dict) -> DSSE
      :classmethod:


      Load a dict and return a Python DSSE object.

      :param envelope: the json envelope



