An IETF Time-Stamp Protocol (TSP) (RFC 3161) client

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for kislyuk from gravatar.com kislyuk

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache Software License)
  • Author: Andrey Kislyuk
Classifiers

Project description

tsp-client is an implementation of the RFC 3161 TSP protocol in Python.

TSP is used for point-in-time attestation and non-repudiation as part of various electronic signature and code signing schemes, including eIDAS XAdES (tsp-client is used by SignXML to implement XAdES).

Installation

pip install tsp-client

Synopsis

from tsp_client import TSPSigner, TSPVerifier

# Sign a message online by transmitting its digest to the timestamp authority
message = b"abc"
signer = TSPSigner()
signed = signer.sign(message)  # Returns raw bytes of the verified timestamp token.

# Verify a presented timestamp token offline using the original message
verified = TSPVerifier().verify(signed, message=message)

# Or verify using the message digest (digest algorithm may vary)
import hashlib

digest = hashlib.sha512(message).digest()
verified = TSPVerifier().verify(signed, message_digest=digest)

print(verified.tst_info)  # Parsed TSTInfo (CMS SignedData) structure
print(verified.signed_attrs)  # Parsed CMS SignedAttributes structure

Specifying a custom TSA

To provide a timestamped signature with non-repudiation verifiable via a chain of trust, TSP requires the use of a TSA (time-stamp authority) server when generating timestamp tokens. TSA servers can be thought of as digital notaries. Verification of tokens can be done offline using your system’s certificate authority (CA) trust store.

By default, tsp-client uses the DigiCert TSA server when signing tokens. To use a different TSA, set the SigningSettings.tsp_server attribute as follows:

from tsp_client import TSPSigner, TSPVerifier, SigningSettings
signing_settings = SigningSettings(tsp_server="http://timestamp.identrust.com")
signer = TSPSigner()
signed = signer.sign(message, signing_settings=signing_settings)

There is currently no credible public TSA that offers HTTPS transport security and does not apply throttling. DigiCert provides a relatively high throughput public TSA endpoint, but your message digests and tokens will be transmitted unencrypted over the network. As an alternative, Sectigo offers an HTTPS TSA (https://timestamp.sectigo.com) but applies throttling so is only suitable for low throughput applications.

The European Union maintains a list of trusted TSAs as part of the eIDAS dashboard, however this list only serves as a root of trust and does not link directly to the TSA endpoints of listed providers.

Authors

  • Andrey Kislyuk

License

Copyright 2022-2023, Andrey Kislyuk and tsp-client contributors. Licensed under the terms of the Apache License, Version 2.0. Distribution of the LICENSE and NOTICE files with source copies of this package and derivative works is REQUIRED as specified by the Apache License.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for kislyuk from gravatar.com kislyuk

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache Software License)
  • Author: Andrey Kislyuk
Classifiers

Release history Release notifications | RSS feed

0.2.0

This version

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

tsp-client-0.1.4.tar.gz (16.6 kB view details)

Uploaded Source

Built Distribution

tsp_client-0.1.4-py3-none-any.whl (13.0 kB view details)

Uploaded Python 3

File details

Details for the file tsp-client-0.1.4.tar.gz.

File metadata

  • Download URL: tsp-client-0.1.4.tar.gz
  • Upload date:
  • Size: 16.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/4.6.0 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.61.1 CPython/3.9.16

File hashes

Hashes for tsp-client-0.1.4.tar.gz
Algorithm Hash digest
SHA256 941359c08273a7ecf430c71a66b97c8d0beb69152df31ddf9ec2ad86d1144437
MD5 67038ce8cd09e99d259f7deffd84b74e
BLAKE2b-256 361ba5a5a5994f776efedd2fdd2540892b6fba0c4f79e3d0b935bf486d8c8c43

See more details on using hashes here.

File details

Details for the file tsp_client-0.1.4-py3-none-any.whl.

File metadata

  • Download URL: tsp_client-0.1.4-py3-none-any.whl
  • Upload date:
  • Size: 13.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/4.6.0 pkginfo/1.7.0 requests/2.25.1 requests-toolbelt/0.9.1 tqdm/4.61.1 CPython/3.9.16

File hashes

Hashes for tsp_client-0.1.4-py3-none-any.whl
Algorithm Hash digest
SHA256 82c02fc2383e94029d34feeeb438455283afd81805b1d36a92c3a801e0f29a0f
MD5 53941f47a99ff31425313510b8baec58
BLAKE2b-256 2fc4d42674713197d7a6531e6f1eba570e0a191f40321be22898a5274a3385cd

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page