winsign.timestamp

Timestamp functions for windows signing.

class winsign.timestamp.OldTimeStampReq(**kwargs)

Old style Timestamp request.

componentType = <NamedTypes object, types <NamedType object, type type=<ObjectIdentifier schema object, tagSet <TagSet object, tags 0:0:6>>>, <NamedType object, type blob=<OldTimeStampReqBlob schema object, tagSet=<TagSet object, tags 0:32:16>, subtypeSpec=<ConstraintsIntersection object>, componentType=<NamedTypes object, types <NamedType object, type type=<ObjectIdentifier schema object, tagSet <TagSet object, tags 0:0:6>>>, <OptionalNamedType object, type signature=<OctetString schema object, tagSet <TagSet object, tags 0:0:4-128:32:0>, encoding iso-8859-1>>>, sizeSpec=<ConstraintsIntersection object>>>>

Default collection of ASN.1 types of component (e.g. NamedType) object imposing size constraint on |ASN.1| objects

class winsign.timestamp.OldTimeStampReqBlob(**kwargs)

Old style Timestamp request blob.

componentType = <NamedTypes object, types <NamedType object, type type=<ObjectIdentifier schema object, tagSet <TagSet object, tags 0:0:6>>>, <OptionalNamedType object, type signature=<OctetString schema object, tagSet <TagSet object, tags 0:0:4-128:32:0>, encoding iso-8859-1>>>

Default collection of ASN.1 types of component (e.g. NamedType) object imposing size constraint on |ASN.1| objects

class winsign.timestamp.TSAPolicyId(value=<NoValue object>, **kwargs)

TSA Policy Id.

class winsign.timestamp.TimeStampReq(**kwargs)

RFC3161 Timestamp Request.

componentType = <NamedTypes object, types <NamedType object, type version=<Integer value object, tagSet <TagSet object, tags 0:0:2>, payload [1]>>, <NamedType object, type messageImprint=<DigestInfo schema object, tagSet=<TagSet object, tags 0:32:16>, subtypeSpec=<ConstraintsIntersection object>, componentType=<NamedTypes object, types <NamedType object, type digestAlgorithm=<DigestAlgorithmIdentifier schema object, tagSet=<TagSet object, tags 0:32:16>, subtypeSpec=<ConstraintsIntersection object>, componentType=<NamedTypes object, types <NamedType object, type algorithm=<ObjectIdentifier schema object, tagSet <TagSet object, tags 0:0:6>>>, <OptionalNamedType object, type parameters=<Any schema object, encoding iso-8859-1>>>, sizeSpec=<ConstraintsIntersection object>>>, <NamedType object, type digest=<Digest schema object, tagSet <TagSet object, tags 0:0:4>, encoding iso-8859-1>>>, sizeSpec=<ConstraintsIntersection object>>>, <OptionalNamedType object, type reqPolicy=<TSAPolicyId schema object, tagSet <TagSet object, tags 0:0:6>>>, <OptionalNamedType object, type nonce=<Integer schema object, tagSet <TagSet object, tags 0:0:2>>>, <NamedType object, type certReq=<Boolean value object, tagSet <TagSet object, tags 0:0:1>, subtypeSpec <ConstraintsIntersection object, consts <SingleValueConstraint object, consts 0, 1>>, namedValues <NamedValues object, enums False=0, True=1>, payload [False]>>, <OptionalNamedType object, type extensions=<Any schema object, tagSet <TagSet object, tags 128:0:0>, encoding iso-8859-1>>>

Default collection of ASN.1 types of component (e.g. NamedType) object imposing size constraint on |ASN.1| objects

class winsign.timestamp.TimeStampResp(**kwargs)

RFC3161 Timestamp Response.

componentType = <NamedTypes object, types <NamedType object, type status=<PKIStatusInfo schema object, tagSet=<TagSet object, tags 0:32:16>, subtypeSpec=<ConstraintsIntersection object>, componentType=<NamedTypes object, types <NamedType object, type status=<PKIStatus schema object, tagSet <TagSet object, tags 0:0:2>, namedValues <NamedValues object, enums accepted=0, grantedWithMods=1, r...tification=5, keyUpdateWarning=6>>>, <OptionalNamedType object, type statusString=<PKIFreeText schema object, tagSet=<TagSet object, tags 0:32:16>, subtypeSpec=<ConstraintsIntersection object, consts <ConstraintsIntersection object, consts <ValueSizeConstraint object, consts 1, inf>>>, componentType=<UTF8String schema object, tagSet <TagSet object, tags 0:0:12>, encoding utf-8>, sizeSpec=<ConstraintsIntersection object, consts <ValueSizeConstraint object, consts 1, inf>>>>, <OptionalNamedType object, type failInfo=<PKIFailureInfo schema object, tagSet <TagSet object, tags 0:0:3>, namedValues <NamedValues object, enums badAlg=0, badMessageCheck=1, bad...mFailure=25, duplicateCertReq=26>>>>, sizeSpec=<ConstraintsIntersection object>>>, <OptionalNamedType object, type timeStampToken=<Any schema object, encoding iso-8859-1>>>

Default collection of ASN.1 types of component (e.g. NamedType) object imposing size constraint on |ASN.1| objects

async winsign.timestamp.add_old_timestamp(sig, timestamp_url=None)

Adds an old style timestamp to a SignedData signature.

Parameters

  • sig (SignedData) – signature to add timestamp

  • timestamp_url (str) – URL to fetch timestamp from. A default is used if None is set.

Returns

sig with the timestamp added

async winsign.timestamp.add_rfc3161_timestamp(sig, digest_algo, timestamp_url=None)

Adds an RFC3161 timestamp to a SignedData signature.

Parameters

  • sig (SignedData) – signature to add timestamp

  • digest_algo (str) – digest algorithm to use (‘sha1’ or ‘sha256’)

  • timestamp_url (str) – URL to fetch timestamp from. A default is used if None is set.

Returns

sig with the timestamp added

async winsign.timestamp.get_old_timestamp(signature, timestamp_url=None)

Retrieve an old style timestamp countersignature.

Parameters

  • signature (str) – the signature to get a counter signature for. This is usally the encryptedDigest of our file’s signerInfo section.

  • timestamp_url (str) – what service to use to fetch the timestamp countersignature from. defaults to ‘http://timestamp.digicert.com’.

Returns

SignedData object

async winsign.timestamp.get_rfc3161_timestamp(digest_algo, message, timestamp_url=None)

Retrieve an RFC3161 timestamp countersignature.

Parameters

  • digest_algo (str) – digest algorithm to use. e.g. ‘sha1’ or ‘sha256’

  • message (str) – the message to get a counter signature for. This is usally the encryptedDigest of our file’s signerInfo section.

  • timestamp_url (str) – what service to use to fetch the timestamp countersignature from. defaults to ‘http://timestamp.digicert.com’.

Returns

DER encoded timestamp token