{ "info": { "author": "Jim Klo", "author_email": "jim.klo@sri.com", "bugtrack_url": null, "classifiers": [], "description": "Learning Registry Envelope Signing and Validation Module\n=========================================================\n\nThis is a Python module that may be used to sign, verify, and retrieve\nPGP keys for Learning Registry envelopes.\n\n\nLicense & Copyright\n===================\n\nCopyright 2011 SRI International\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\n\n\nInstallation\n============\n\n1. Install [GNU Privacy Guard](http://www.gnupg.org/)\n\n2. Download the latest release from the [src/dist](./LRSignature/tree/master/src/dist)\n\n3. Install with pip\n\n pip install LRSignature-.tar.gz\n\n4. There is no step four! Done.\n\n\nUsage\n=====\n\n #!/usr/bin/env python\n\n from LRSignature.sign.Sign import Sign_0_21\n from LRSignature.verify.Verify import Verify_0_21\n import simplejson as json\n\n envelope = '''\n {\n \"_id\":\"00e3f67232e743b6bc2a079bd98ff55a\",\n \"_rev\":\"1-8163d32f6cc9996f2b7228d8b5db7962\",\n \"doc_type\":\"resource_data\",\n \"update_timestamp\":\"2011-03-14 13:36:04.617999\",\n \"resource_data\":\"\\\\nA chat about America. October and November, 1884.\\\\nJ. P.\\\\nUnited States--Description and travel.\\\\n\\\\\"Printed for private circulation only.\\\\\"\\\\nElectronic reproduction. Washington, D.C. : Library of Congress, [2002-2003]\\\\nManchester, Palmer & Howe\\\\n1885\\\\ntext\\\\nhttp://hdl.loc.gov/loc.gdc/lhbtn.12281\\\\neng\\\\nUnited States\\\\n\\\\n \",\n \"keys\":[\"United States--Description and travel.\",\"eng\"],\n \"submitter_type\":\"agent\",\n \"resource_data_type\":\"metadata\",\n \"payload_schema_locator\":\"http://www.openarchives.org/OAI/2.0/oai_dc/ http://www.openarchives.org/OAI/2.0/oai_dc.xsd\",\n \"payload_placement\":\"inline\",\n \"submitter\":\"NSDL 2 LR Data Pump\",\n \"payload_schema\":[\"oai_dc\"],\n \"node_timestamp\":\"2011-03-14 13:36:04.617999\",\n \"doc_version\":\"0.10.0\",\n \"create_timestamp\":\"2011-03-14 13:36:04.617999\",\n \"active\":true,\n \"publishing_node\":\"string\",\n \"resource_locator\":\"http://hdl.loc.gov/loc.gdc/lhbtn.12281\",\n \"doc_ID\":\"00e3f67232e743b6bc2a079bd98ff55a\",\n \"TOS\": {\n \"submission_TOS\": \"http://example.com/tos/unknown\",\n \"submission_attribution\": \"unidentified\"\n }\n }\n '''\n origJson = json.loads(envelope)\n privateKeyLocation = [\"http://www.example.com/example.asc\"]\n keyid = \"C37C805D164B052C\"\n passphrase = \"my passphrase\"\n\n signtool = Sign_0_21(keyid, passphrase=passphrase, publicKeyLocations=privateKeyLocation)\n signed = signtool.sign(origJson)\n\n verifytool = Verify_0_21()\n verified = verifytool.verify(signed)\n assert verified == True\n\n\nLRSignature.util module contains functionality to fetch and store public keys into the\nlocal PGP keyring.\n\n\nDependencies\n============\n\nExternal:\n\n- GnuPG: http://www.gnupg.org/\n\n\nOther Python Dependencies:\n\n- Python-gnupg: http://pypi.python.org/pypi/python-gnupg/\n\n\nVersions\n========\n0.1.15 - Bug fixes, new Sign/Verify version classes, improved exceptions\n\n * Signing will now throw an exception when provided passphrase for key is invalid\n * Provided signing key may now contain spaces\n * Signing and verification will throw exceptions extended from a base SignatureException\n\n0.1.14 - Significant Bug Fixes:\n\n * Fixed signing so that it performs a \"deep copy\" instead of a shallow copy.\n * Fixed algorithm to properly drop numbers on envelope before passing to bencode.\n\n Other: Made testsuite work with Jenkins continuous integration.\n\n0.1.13 - Modified fetchkey to extract Windows linefeed terminated keys, and exposed a new function in Verify that returns the pgp verification info after signature verification.\n\n0.1.12 - No changes; modified dependency version number for python-gnupgp\n\n0.1.11 - New Features and Bug Fixes:\n\n * _NEW_ Added a feature to signing to skip signing envelopes with a doc_version older that 0.21.0.\n\n * Fixed a problem with signature validation due to changes in gnupg.\n\n * Updated and fixated support for gnupg 0.30.0\n\n0.1.10 - Fixed an issue with PipeTool not honoring the --lr-test-data argument.\n\n0.1.9 - Added contribution from ISKME that adds basic HTTP Authentication for publish.\n\n0.1.8 - Modified to handle new variant of Basic Harvest getrecord and listrecords response. Additional error handling.\n\n0.1.7 - Bug fix for Python versions < 2.7 and added some flexibility to command line use.\n\n0.1.6 - New Feature.\n\n * Enhanced command line usage.\n\n - Added envelope signature validation\n\n - Command line arguments modified to have modes, sign & verify\n\n0.1.4 - Minor enhancement.\n\n * Updated __init__.py files to import the right submodules\n so package visibility is not obfuscated. No functionality changes.\n\n0.1.3 - Bug Fix [PT #14231273](https://www.pivotaltracker.com/story/show/14231273)\n\n * Bittorrent-python does not encode unicode strings. Repackaged LRSignature\n with modified Bittorrent-python package which can handle UTF-8 strings.\n\n * License for Bittorrent-python code is [Bittorrent Open Source License](http://www2.bittorrent.com/legal/bittorrent-open-source-license)\n\n * Removed external dependency for Bittorrent-python module.\n\n * Reverted changes from 0.1.2.\n\n0.1.2 - Bug Fix [PT #14231273](https://www.pivotaltracker.com/story/show/14231273)\n\n * UTF-8 encoded envelopes failed to sign.\n\n - Unicode strings are now UTF-8 encoded before bencoding.\n\n\n0.1.1 - Minor Bug Fix\n\n * When gnupgHome is not defined, default option creates a directory named \"~\".\n\n\n0.1.0 - Initial Release", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/LearningRegistry/LRSignature", "keywords": null, "license": "Apache 2.0 License", "maintainer": null, "maintainer_email": null, "name": "LRSignature", "package_url": "https://pypi.org/project/LRSignature/", "platform": "UNKNOWN", "project_url": "https://pypi.org/project/LRSignature/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://github.com/LearningRegistry/LRSignature" }, "release_url": "https://pypi.org/project/LRSignature/0.1.15/", "requires_dist": null, "requires_python": null, "summary": "Learning Registry resource data digital signature management", "version": "0.1.15" }, "last_serial": 1083407, "releases": { "0.1.10": [ { "comment_text": "", "digests": { "md5": "f62433130fd0c0bfd512425bc157d231", "sha256": "ae7a56c15e57fe5eceb3dfa2169ea79f2e0903aafcf95cea4671014c2ac61482" }, "downloads": -1, "filename": "LRSignature-0.1.10.tar.gz", "has_sig": false, "md5_digest": "f62433130fd0c0bfd512425bc157d231", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 19586, "upload_time": "2011-12-09T00:31:29", "url": "https://files.pythonhosted.org/packages/9f/8b/6836d6edfe0a90f84556990034f8806c3b533b500bf78f89e2f18754095f/LRSignature-0.1.10.tar.gz" } ], "0.1.11": [ { "comment_text": "", "digests": { "md5": "9eedc5cd0651724c2c337615b19816df", "sha256": "db552f863277dbbeacfb5d1572d6c333aafcc56c93ef187a50a75f128f8e9212" }, "downloads": -1, "filename": "LRSignature-0.1.11.tar.gz", "has_sig": false, "md5_digest": "9eedc5cd0651724c2c337615b19816df", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 20620, "upload_time": "2012-06-06T01:59:29", "url": "https://files.pythonhosted.org/packages/62/31/aef8959296cf26cfed0a961274f93222b69094ab9dcc2230d93e9e888bf7/LRSignature-0.1.11.tar.gz" } ], "0.1.12": [ { "comment_text": "", "digests": { "md5": "01de20b4159832371e073fb5032a9fef", "sha256": "896bf85b76c5960a95d45058837df1fba568b1b58c7d27c8d30751a80e4deb18" }, "downloads": -1, "filename": "LRSignature-0.1.12.tar.gz", "has_sig": false, "md5_digest": "01de20b4159832371e073fb5032a9fef", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 20682, "upload_time": "2012-09-05T22:27:56", "url": "https://files.pythonhosted.org/packages/2a/cd/6d0f53bebe38e9396819a95ca6bb2090c95de22e563c4196f0cbfd617532/LRSignature-0.1.12.tar.gz" } ], "0.1.13": [ { "comment_text": "", "digests": { "md5": "94ef57d1469266fa3b4897ea01786536", "sha256": "5d4d0217e7b912a5176aff9874c8bb9857901cd61b39606638c13d3d88927dc6" }, "downloads": -1, "filename": "LRSignature-0.1.13.tar.gz", "has_sig": true, "md5_digest": "94ef57d1469266fa3b4897ea01786536", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 21037, "upload_time": "2013-02-19T20:11:34", "url": "https://files.pythonhosted.org/packages/61/85/f9b1ead966c55a03061a2e85b2642406af8c3a091dfffc53e06a0e1f82af/LRSignature-0.1.13.tar.gz" } ], "0.1.14": [ { "comment_text": "", "digests": { "md5": "8c21bede453a08fd41493ed82f112360", "sha256": "0e2f2cf6d248374af50909839d70543bfb690118f2f0f2fd4e43273f01367741" }, "downloads": -1, "filename": "LRSignature-0.1.14.tar.gz", "has_sig": false, "md5_digest": "8c21bede453a08fd41493ed82f112360", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 22433, "upload_time": "2013-05-31T00:11:09", "url": "https://files.pythonhosted.org/packages/10/cf/242b0ad1c6a4dc729421355d6c1638de5f02f01b323e2f27c31c71d21e5b/LRSignature-0.1.14.tar.gz" } ], "0.1.15": [ { "comment_text": "", "digests": { "md5": "d6b36cb17682d8d824de2d3df4d681b9", "sha256": "a44311c3b0673624cee0f01aabf7b3f4632f72545d663a586fd76501ba0e3366" }, "downloads": -1, "filename": "LRSignature-0.1.15.tar.gz", "has_sig": false, "md5_digest": "d6b36cb17682d8d824de2d3df4d681b9", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 23747, "upload_time": "2014-05-06T23:32:12", "url": "https://files.pythonhosted.org/packages/06/4b/e3471ed14e2e9af0ea814538eb8a6027e8b7c8b145844edac10951e74cd9/LRSignature-0.1.15.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "d6b36cb17682d8d824de2d3df4d681b9", "sha256": "a44311c3b0673624cee0f01aabf7b3f4632f72545d663a586fd76501ba0e3366" }, "downloads": -1, "filename": "LRSignature-0.1.15.tar.gz", "has_sig": false, "md5_digest": "d6b36cb17682d8d824de2d3df4d681b9", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 23747, "upload_time": "2014-05-06T23:32:12", "url": "https://files.pythonhosted.org/packages/06/4b/e3471ed14e2e9af0ea814538eb8a6027e8b7c8b145844edac10951e74cd9/LRSignature-0.1.15.tar.gz" } ] }