dsse

Exceptions

DSSEError

Common base class for all non-exit exceptions.

Classes

DSSE	DSSE: Dead Simple Signing Envelope.

Module Contents

exception dsse.DSSEError

Bases: Exception

Common base class for all non-exit exceptions.

class dsse.DSSE(body: str | bytes, payload_type: str)

DSSE: Dead Simple Signing Envelope.

The current implementation relies on openssl tool.

payload_type

signatures: list[dict[str, str]] = []

sign(key_id: str, private_key: str) → str

Sign the payload using openssl X509 certificate.

Parameters:

• key_id – the key id (used by end-user to identify which key to use for verification).

• private_key – path to file containing the private key

Returns:

return the signature as base64 string

verify(certificate: str) → bool

Preliminary check on the signature.

The current algorithm is to check that at least one signature correspond to the certificate given as parameter. This part should be improved

Parameters:

certificate – path to the certificate containing the public key

Returns:

True if one of the signature can be checked with the certificate

property payload: str

Return the content to sign as base64 string.

Returns:

a base64 string representing the content

property pae: bytes

Return the Pre-Authentication Encoding.

This is the content that is really signed

as_dict() → dict

Return the dict representing the DSSE envelope.

as_json() → str

Return the DSSE envelope.

classmethod load_json(envelope: str) → DSSE

Load a json DSSE string and return a Python DSSE object.

Parameters:

envelope – the json envelope

classmethod load_dict(envelope: dict) → DSSE

Load a dict and return a Python DSSE object.

Parameters:

envelope – the json envelope