Project Python SourceForge
Legal Notes
How to
Key Generation
Signing a Document
Testing a Document
Trust Relationships

Key Generation

Loading Keys

For your convenience, we've included an interactive key generator with TrustedPickle. You can use the key generator from Python's command line interpreter.

We strongly suggest you use the interactive key generator rather than calling the underlying member functions directly. The NewKeys() function relies on the unpredictable nature of the user's typing speed to help properly seed the random number generator.

Python 2.3.2 (#49, Oct 2 2003, 20:02:00) [MSC v.1200 32 bit (Intel)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>> import TrustedPickle
>>> TrustedPickle.NewKeys()
Your name: Graham Chapman
Your e-mail address:
Key pair filename base ( & ___.prv): graham
Private key password (blank OK): ("monty" not shown)
Repeat password (for verification): ("monty" not shown)
>>> import glob
>>> glob.glob("graham.*")
['graham.prv', '']

Warning: Keep your private key secret! Do not e-mail it, post it on the Internet, or save it on a public machine. The security on this data is only as good as the password you select. Make sure malicious users cannot access this file at all.

As you can see above, public keys are kept along with the creator's name and e-mail address. Entering a password (not displayed for security reasons) for the private key file is optional, but recommended.

Loading Keys

Once a private and public key pair has been created, you can fetch both back by instantiating the PrivateKey and PublicKeyFile objects, respectively.

Note that the public key (PublicKey object) is stored in a PublicKeyFile object. These key files can contain multiple public keys (as explained in Trust Relationships, later), and therefore multiple PublicKey objects.

>>> PrivKey = TrustedPickle.PrivateKey("graham.prv", "monty")
>>> PrivKey.Read()
>>> PubKeyFile = TrustedPickle.PublicKeyFile("")
>>> PubKeyFile.Read()
>>> PubKey = PubKeyFile.MyPublicKey()

After loading a private key, you should always test it against the public key to see if it was loaded correctly. Using an incorrect password to load the private key will not raise an exception of any sort, it will just load useless data that cannot be used to correctly sign a document or trust relationship.

>>> PrivKey.Test(PubKey)

Public keys may also be tested, but there's not much point in testing your own key, since public key files are not password encoded. Public keys are automatically tested by TrustedPickle if they have been used to sign a document.

>>> PubKey.Test()