Project Python SourceForge
Introduction
Legal Notes
Suitability
 
Setup
Download
Installation
 
How to
Key Generation
Signing a Document
Testing a Document
Trust Relationships
 
Documentation
TrustedPickle
ModuleObject
PrivateKey
PublicKey
PublicKeyFile
Signature
TPickle
TrustRelationship

Reading and Testing a Signed Document

When testing a signed document, you will need a list of all the public keys you trust. This list is then hard-coded into your application and compared against any signatures on file for the document.

PublicKeyFiles have a dictionary called Keys. It also has a member called Owner which is the owner's public key. Our public key file, obviously, only has one key so far; the owner's.

>>> hex(PubKeyFile.Owner)
'0xBDCC3B95DD9417F8379D1935EDA94E59L'
>>> for i in PubKeyFile.Keys: print hex(i), PubKeyFile.Keys[i].Name
...
0xBDCC3B95DD9417F8379D1935EDA94E59L Graham Chapman

I prefer dealing with keys in hex, but you do not have to.

Now that we know our public key, we can test the signed document to see if we trust it.

>>> Trusted = [0xBDCC3B95DD9417F8379D1935EDA94E59L]
>>> SigClass, SigList = Doc.TestSignatures(Trusted)
>>> SigClass == TrustedPickle.TRUSTED
True
>>> len(SigList)
1
>>> SigList[0].Name
'Graham Chapman'

The TestSignatures() function returns a tuple of a signature class code and a list of signatures in that class. Had the none of the document's signers been on our trusted list, the signature class code would have been UNKNOWN.

>>> SigClass, SigList = Doc.TestSignatures([])
>>> SigClass == TrustedPickle.UNKNOWN
True
>>> len(SigList)
1
>>> SigList[0].Name
'Graham Chapman'

Since this looks like a valid document, let's go ahead and unpickle the document's payload.

>>> Doc.Unpickle()
datetime.datetime(2003, 12, 30, 11, 15, 6, 787000)