summaryrefslogtreecommitdiff
path: root/doc/html/howto.smime.html
diff options
context:
space:
mode:
Diffstat (limited to 'doc/html/howto.smime.html')
-rw-r--r--doc/html/howto.smime.html724
1 files changed, 367 insertions, 357 deletions
diff --git a/doc/html/howto.smime.html b/doc/html/howto.smime.html
index d1ae312..75a4ecf 100644
--- a/doc/html/howto.smime.html
+++ b/doc/html/howto.smime.html
@@ -1,50 +1,42 @@
-
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
-
- <title>HOWTO: Programming S/MIME in Python with M2Crypto &mdash; M2Crypto documentation</title>
-
- <link rel="stylesheet" href="_static/default.css" type="text/css" />
+ <title>HOWTO: Programming S/MIME in Python with M2Crypto &#8212; M2Crypto documentation</title>
+ <link rel="stylesheet" href="_static/alabaster.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
-
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
- URL_ROOT: '',
+ URL_ROOT: './',
VERSION: '',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
- HAS_SOURCE: true
+ HAS_SOURCE: true,
+ SOURCELINK_SUFFIX: '.txt'
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
- <link rel="top" title="M2Crypto documentation" href="index.html" />
+ <link rel="index" title="Index" href="genindex.html" />
+ <link rel="search" title="Search" href="search.html" />
+
+ <link rel="stylesheet" href="_static/custom.css" type="text/css" />
+
+
+ <meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
+
</head>
<body>
- <div class="related">
- <h3>Navigation</h3>
- <ul>
- <li class="right" style="margin-right: 10px">
- <a href="genindex.html" title="General Index"
- accesskey="I">index</a></li>
- <li class="right" >
- <a href="py-modindex.html" title="Python Module Index"
- >modules</a> |</li>
- <li><a href="index.html">M2Crypto documentation</a> &raquo;</li>
- </ul>
- </div>
+
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
- <div class="body">
+ <div class="body" role="main">
<div class="section" id="howto-programming-s-mime-in-python-with-m2crypto">
<span id="howto-smime"></span><h1>HOWTO: Programming S/MIME in Python with M2Crypto<a class="headerlink" href="#howto-programming-s-mime-in-python-with-m2crypto" title="Permalink to this headline">¶</a></h1>
@@ -86,7 +78,7 @@ said public key.</p>
<p>To create an S/MIME-encrypted message, you need an X.509 certificate for
each recipient.</p>
<p>To create an S/MIME-signed <em>and</em> -encrypted message, first create a
-signed message, then encrypt the signed message with the recipients&#8217;
+signed message, then encrypt the signed message with the recipients’
certificates.</p>
<p>You may generate key pairs and obtain certificates by using a commercial
<em>certification authority</em> service.</p>
@@ -97,122 +89,127 @@ this approach is cheap and effective.</p>
certificates. This assumes you have OpenSSL installed properly on your
system.</p>
<p>First, we generate an X.509 certificate to be used for signing:</p>
-<div class="highlight-python"><pre>openssl req -newkey rsa:1024 -nodes -x509 -days 365 -out signer.pem
-
-Using configuration from /usr/local/pkg/openssl/openssl.cnf
-Generating a 1024 bit RSA private key
-..++++++
-....................++++++
-writing new private key to &#x27;privkey.pem&#x27;
------
-You are about to be asked to enter information that will be incorporated
-into your certificate request.
-What you are about to enter is what is called a Distinguished Name or a DN.
-There are quite a few fields but you can leave some blank
-For some fields there will be a default value,
-If you enter &#x27;.&#x27;, the field will be left blank.
------
-Country Name (2 letter code) [AU]:SG
-State or Province Name (full name) [Some-State]:.
-Locality Name (eg, city) []:.
-Organization Name (eg, company) [Internet Widgits Pty Ltd]:M2Crypto
-Organizational Unit Name (eg, section) []:.
-Common Name (eg, YOUR name) []:S/MIME Sender
-Email Address []:sender@example.dom</pre>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">openssl</span> <span class="n">req</span> <span class="o">-</span><span class="n">newkey</span> <span class="n">rsa</span><span class="p">:</span><span class="mi">1024</span> <span class="o">-</span><span class="n">nodes</span> <span class="o">-</span><span class="n">x509</span> <span class="o">-</span><span class="n">days</span> <span class="mi">365</span> <span class="o">-</span><span class="n">out</span> <span class="n">signer</span><span class="o">.</span><span class="n">pem</span>
+
+<span class="n">Using</span> <span class="n">configuration</span> <span class="kn">from</span> <span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">local</span><span class="o">/</span><span class="n">pkg</span><span class="o">/</span><span class="n">openssl</span><span class="o">/</span><span class="n">openssl</span><span class="o">.</span><span class="n">cnf</span>
+<span class="n">Generating</span> <span class="n">a</span> <span class="mi">1024</span> <span class="n">bit</span> <span class="n">RSA</span> <span class="n">private</span> <span class="n">key</span>
+<span class="o">..++++++</span>
+<span class="o">....................++++++</span>
+<span class="n">writing</span> <span class="n">new</span> <span class="n">private</span> <span class="n">key</span> <span class="n">to</span> <span class="s1">&#39;privkey.pem&#39;</span>
+<span class="o">-----</span>
+<span class="n">You</span> <span class="n">are</span> <span class="n">about</span> <span class="n">to</span> <span class="n">be</span> <span class="n">asked</span> <span class="n">to</span> <span class="n">enter</span> <span class="n">information</span> <span class="n">that</span> <span class="n">will</span> <span class="n">be</span> <span class="n">incorporated</span>
+<span class="n">into</span> <span class="n">your</span> <span class="n">certificate</span> <span class="n">request</span><span class="o">.</span>
+<span class="n">What</span> <span class="n">you</span> <span class="n">are</span> <span class="n">about</span> <span class="n">to</span> <span class="n">enter</span> <span class="ow">is</span> <span class="n">what</span> <span class="ow">is</span> <span class="n">called</span> <span class="n">a</span> <span class="n">Distinguished</span> <span class="n">Name</span> <span class="ow">or</span> <span class="n">a</span> <span class="n">DN</span><span class="o">.</span>
+<span class="n">There</span> <span class="n">are</span> <span class="n">quite</span> <span class="n">a</span> <span class="n">few</span> <span class="n">fields</span> <span class="n">but</span> <span class="n">you</span> <span class="n">can</span> <span class="n">leave</span> <span class="n">some</span> <span class="n">blank</span>
+<span class="n">For</span> <span class="n">some</span> <span class="n">fields</span> <span class="n">there</span> <span class="n">will</span> <span class="n">be</span> <span class="n">a</span> <span class="n">default</span> <span class="n">value</span><span class="p">,</span>
+<span class="n">If</span> <span class="n">you</span> <span class="n">enter</span> <span class="s1">&#39;.&#39;</span><span class="p">,</span> <span class="n">the</span> <span class="n">field</span> <span class="n">will</span> <span class="n">be</span> <span class="n">left</span> <span class="n">blank</span><span class="o">.</span>
+<span class="o">-----</span>
+<span class="n">Country</span> <span class="n">Name</span> <span class="p">(</span><span class="mi">2</span> <span class="n">letter</span> <span class="n">code</span><span class="p">)</span> <span class="p">[</span><span class="n">AU</span><span class="p">]:</span><span class="n">SG</span>
+<span class="n">State</span> <span class="ow">or</span> <span class="n">Province</span> <span class="n">Name</span> <span class="p">(</span><span class="n">full</span> <span class="n">name</span><span class="p">)</span> <span class="p">[</span><span class="n">Some</span><span class="o">-</span><span class="n">State</span><span class="p">]:</span><span class="o">.</span>
+<span class="n">Locality</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">city</span><span class="p">)</span> <span class="p">[]:</span><span class="o">.</span>
+<span class="n">Organization</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">company</span><span class="p">)</span> <span class="p">[</span><span class="n">Internet</span> <span class="n">Widgits</span> <span class="n">Pty</span> <span class="n">Ltd</span><span class="p">]:</span><span class="n">M2Crypto</span>
+<span class="n">Organizational</span> <span class="n">Unit</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">section</span><span class="p">)</span> <span class="p">[]:</span><span class="o">.</span>
+<span class="n">Common</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">YOUR</span> <span class="n">name</span><span class="p">)</span> <span class="p">[]:</span><span class="n">S</span><span class="o">/</span><span class="n">MIME</span> <span class="n">Sender</span>
+<span class="n">Email</span> <span class="n">Address</span> <span class="p">[]:</span><span class="n">sender</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+</pre></div>
</div>
<p>This generates a 1024-bit RSA key pair, unencrypted, into
-<tt class="docutils literal"><span class="pre">privkey.pem</span></tt>; it also generates a self-signed X.509 certificate for
-the public key into <tt class="docutils literal"><span class="pre">signer.pem</span></tt>. The certificate is valid for 365
+<code class="docutils literal"><span class="pre">privkey.pem</span></code>; it also generates a self-signed X.509 certificate for
+the public key into <code class="docutils literal"><span class="pre">signer.pem</span></code>. The certificate is valid for 365
days, i.e., a year.</p>
-<p>Let&#8217;s rename <tt class="docutils literal"><span class="pre">privkey.pem</span></tt> so that we know it is a companion of
-<tt class="docutils literal"><span class="pre">signer.pem</span></tt>&#8216;s:</p>
-<div class="highlight-python"><pre>mv privkey.pem signer_key.pem</pre>
-</div>
-<p>To verify the content of <tt class="docutils literal"><span class="pre">signer.pem</span></tt>, execute the following:</p>
-<div class="highlight-python"><pre>openssl x509 -noout -text -in signer.pem
-
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 0 (0x0)
- Signature Algorithm: md5WithRSAEncryption
- Issuer: C=SG, O=M2Crypto, CN=S/MIME Sender/Email=sender@example.dom
- Validity
- Not Before: Mar 24 12:56:16 2001 GMT
- Not After : Mar 24 12:56:16 2002 GMT
- Subject: C=SG, O=M2Crypto, CN=S/MIME Sender/Email=sender@example.dom
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- RSA Public Key: (1024 bit)
- Modulus (1024 bit):
- 00:a9:d6:e2:b5:11:3b:ae:3c:e2:17:31:70:e1:6e:
- 01:f4:19:6d:bd:2a:42:36:2b:37:34:e2:83:1d:0d:
- 11:2e:b4:99:44:db:10:67:be:97:5f:5b:1a:26:33:
- 46:23:2f:95:04:7a:35:da:9d:f9:26:88:39:9e:17:
- cd:3e:eb:a8:19:8d:a8:2a:f1:43:da:55:a9:2e:2c:
- 65:ed:04:71:42:ce:73:53:b8:ea:7e:c7:f0:23:c6:
- 63:c5:5e:68:96:64:a7:b4:2a:94:26:76:eb:79:ea:
- e3:4e:aa:82:09:4f:44:87:4a:12:62:b5:d7:1f:ca:
- f2:ce:d5:ba:7e:1f:48:fd:b9
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Subject Key Identifier:
- 29:FB:38:B6:BF:E2:40:BB:FF:D5:71:D7:D5:C4:F0:83:1A:2B:C7:99
- X509v3 Authority Key Identifier:
- keyid:29:FB:38:B6:BF:E2:40:BB:FF:D5:71:D7:D5:C4:F0:83:1A:2B:C7:99
- DirName:/C=SG/O=M2Crypto/CN=S/MIME Sender/Email=sender@example.dom
- serial:00
-
- X509v3 Basic Constraints:
- CA:TRUE
- Signature Algorithm: md5WithRSAEncryption
- 68:c8:6b:1b:fa:7c:9a:39:35:76:18:15:c9:fd:89:97:62:db:
- 7a:b0:2d:13:dd:97:e8:1b:7a:9f:22:27:83:24:9d:2e:56:ec:
- 97:89:3c:ef:16:55:80:5a:18:7c:22:d0:f6:bb:e3:a4:e8:59:
- 30:ff:99:5a:93:3e:ea:bc:ee:7f:8d:d6:7d:37:8c:ac:3d:74:
- 80:ce:7a:99:ba:27:b9:2a:a3:71:fa:a5:25:ba:47:17:df:07:
- 56:96:36:fd:60:b9:6c:96:06:e8:e3:7b:9f:4b:6a:95:71:a8:
- 34:fc:fc:b5:88:8b:c4:3f:1e:24:f6:52:47:b2:7d:44:67:d9:
- 83:e8</pre>
+<p>Let’s rename <code class="docutils literal"><span class="pre">privkey.pem</span></code> so that we know it is a companion of
+<code class="docutils literal"><span class="pre">signer.pem</span></code>’s:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">mv</span> <span class="n">privkey</span><span class="o">.</span><span class="n">pem</span> <span class="n">signer_key</span><span class="o">.</span><span class="n">pem</span>
+</pre></div>
+</div>
+<p>To verify the content of <code class="docutils literal"><span class="pre">signer.pem</span></code>, execute the following:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">openssl</span> <span class="n">x509</span> <span class="o">-</span><span class="n">noout</span> <span class="o">-</span><span class="n">text</span> <span class="o">-</span><span class="ow">in</span> <span class="n">signer</span><span class="o">.</span><span class="n">pem</span>
+
+<span class="n">Certificate</span><span class="p">:</span>
+ <span class="n">Data</span><span class="p">:</span>
+ <span class="n">Version</span><span class="p">:</span> <span class="mi">3</span> <span class="p">(</span><span class="mh">0x2</span><span class="p">)</span>
+ <span class="n">Serial</span> <span class="n">Number</span><span class="p">:</span> <span class="mi">0</span> <span class="p">(</span><span class="mh">0x0</span><span class="p">)</span>
+ <span class="n">Signature</span> <span class="n">Algorithm</span><span class="p">:</span> <span class="n">md5WithRSAEncryption</span>
+ <span class="n">Issuer</span><span class="p">:</span> <span class="n">C</span><span class="o">=</span><span class="n">SG</span><span class="p">,</span> <span class="n">O</span><span class="o">=</span><span class="n">M2Crypto</span><span class="p">,</span> <span class="n">CN</span><span class="o">=</span><span class="n">S</span><span class="o">/</span><span class="n">MIME</span> <span class="n">Sender</span><span class="o">/</span><span class="n">Email</span><span class="o">=</span><span class="n">sender</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+ <span class="n">Validity</span>
+ <span class="n">Not</span> <span class="n">Before</span><span class="p">:</span> <span class="n">Mar</span> <span class="mi">24</span> <span class="mi">12</span><span class="p">:</span><span class="mi">56</span><span class="p">:</span><span class="mi">16</span> <span class="mi">2001</span> <span class="n">GMT</span>
+ <span class="n">Not</span> <span class="n">After</span> <span class="p">:</span> <span class="n">Mar</span> <span class="mi">24</span> <span class="mi">12</span><span class="p">:</span><span class="mi">56</span><span class="p">:</span><span class="mi">16</span> <span class="mi">2002</span> <span class="n">GMT</span>
+ <span class="n">Subject</span><span class="p">:</span> <span class="n">C</span><span class="o">=</span><span class="n">SG</span><span class="p">,</span> <span class="n">O</span><span class="o">=</span><span class="n">M2Crypto</span><span class="p">,</span> <span class="n">CN</span><span class="o">=</span><span class="n">S</span><span class="o">/</span><span class="n">MIME</span> <span class="n">Sender</span><span class="o">/</span><span class="n">Email</span><span class="o">=</span><span class="n">sender</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+ <span class="n">Subject</span> <span class="n">Public</span> <span class="n">Key</span> <span class="n">Info</span><span class="p">:</span>
+ <span class="n">Public</span> <span class="n">Key</span> <span class="n">Algorithm</span><span class="p">:</span> <span class="n">rsaEncryption</span>
+ <span class="n">RSA</span> <span class="n">Public</span> <span class="n">Key</span><span class="p">:</span> <span class="p">(</span><span class="mi">1024</span> <span class="n">bit</span><span class="p">)</span>
+ <span class="n">Modulus</span> <span class="p">(</span><span class="mi">1024</span> <span class="n">bit</span><span class="p">):</span>
+ <span class="mi">00</span><span class="p">:</span><span class="n">a9</span><span class="p">:</span><span class="n">d6</span><span class="p">:</span><span class="n">e2</span><span class="p">:</span><span class="n">b5</span><span class="p">:</span><span class="mi">11</span><span class="p">:</span><span class="mi">3</span><span class="n">b</span><span class="p">:</span><span class="n">ae</span><span class="p">:</span><span class="mi">3</span><span class="n">c</span><span class="p">:</span><span class="n">e2</span><span class="p">:</span><span class="mi">17</span><span class="p">:</span><span class="mi">31</span><span class="p">:</span><span class="mi">70</span><span class="p">:</span><span class="n">e1</span><span class="p">:</span><span class="mi">6</span><span class="n">e</span><span class="p">:</span>
+ <span class="mi">01</span><span class="p">:</span><span class="n">f4</span><span class="p">:</span><span class="mi">19</span><span class="p">:</span><span class="mi">6</span><span class="n">d</span><span class="p">:</span><span class="n">bd</span><span class="p">:</span><span class="mi">2</span><span class="n">a</span><span class="p">:</span><span class="mi">42</span><span class="p">:</span><span class="mi">36</span><span class="p">:</span><span class="mi">2</span><span class="n">b</span><span class="p">:</span><span class="mi">37</span><span class="p">:</span><span class="mi">34</span><span class="p">:</span><span class="n">e2</span><span class="p">:</span><span class="mi">83</span><span class="p">:</span><span class="mi">1</span><span class="n">d</span><span class="p">:</span><span class="mi">0</span><span class="n">d</span><span class="p">:</span>
+ <span class="mi">11</span><span class="p">:</span><span class="mi">2</span><span class="n">e</span><span class="p">:</span><span class="n">b4</span><span class="p">:</span><span class="mi">99</span><span class="p">:</span><span class="mi">44</span><span class="p">:</span><span class="n">db</span><span class="p">:</span><span class="mi">10</span><span class="p">:</span><span class="mi">67</span><span class="p">:</span><span class="n">be</span><span class="p">:</span><span class="mi">97</span><span class="p">:</span><span class="mi">5</span><span class="n">f</span><span class="p">:</span><span class="mi">5</span><span class="n">b</span><span class="p">:</span><span class="mi">1</span><span class="n">a</span><span class="p">:</span><span class="mi">26</span><span class="p">:</span><span class="mi">33</span><span class="p">:</span>
+ <span class="mi">46</span><span class="p">:</span><span class="mi">23</span><span class="p">:</span><span class="mi">2</span><span class="n">f</span><span class="p">:</span><span class="mi">95</span><span class="p">:</span><span class="mi">04</span><span class="p">:</span><span class="mi">7</span><span class="n">a</span><span class="p">:</span><span class="mi">35</span><span class="p">:</span><span class="n">da</span><span class="p">:</span><span class="mi">9</span><span class="n">d</span><span class="p">:</span><span class="n">f9</span><span class="p">:</span><span class="mi">26</span><span class="p">:</span><span class="mi">88</span><span class="p">:</span><span class="mi">39</span><span class="p">:</span><span class="mi">9</span><span class="n">e</span><span class="p">:</span><span class="mi">17</span><span class="p">:</span>
+ <span class="n">cd</span><span class="p">:</span><span class="mi">3</span><span class="n">e</span><span class="p">:</span><span class="n">eb</span><span class="p">:</span><span class="n">a8</span><span class="p">:</span><span class="mi">19</span><span class="p">:</span><span class="mi">8</span><span class="n">d</span><span class="p">:</span><span class="n">a8</span><span class="p">:</span><span class="mi">2</span><span class="n">a</span><span class="p">:</span><span class="n">f1</span><span class="p">:</span><span class="mi">43</span><span class="p">:</span><span class="n">da</span><span class="p">:</span><span class="mi">55</span><span class="p">:</span><span class="n">a9</span><span class="p">:</span><span class="mi">2</span><span class="n">e</span><span class="p">:</span><span class="mi">2</span><span class="n">c</span><span class="p">:</span>
+ <span class="mi">65</span><span class="p">:</span><span class="n">ed</span><span class="p">:</span><span class="mi">04</span><span class="p">:</span><span class="mi">71</span><span class="p">:</span><span class="mi">42</span><span class="p">:</span><span class="n">ce</span><span class="p">:</span><span class="mi">73</span><span class="p">:</span><span class="mi">53</span><span class="p">:</span><span class="n">b8</span><span class="p">:</span><span class="n">ea</span><span class="p">:</span><span class="mi">7</span><span class="n">e</span><span class="p">:</span><span class="n">c7</span><span class="p">:</span><span class="n">f0</span><span class="p">:</span><span class="mi">23</span><span class="p">:</span><span class="n">c6</span><span class="p">:</span>
+ <span class="mi">63</span><span class="p">:</span><span class="n">c5</span><span class="p">:</span><span class="mi">5</span><span class="n">e</span><span class="p">:</span><span class="mi">68</span><span class="p">:</span><span class="mi">96</span><span class="p">:</span><span class="mi">64</span><span class="p">:</span><span class="n">a7</span><span class="p">:</span><span class="n">b4</span><span class="p">:</span><span class="mi">2</span><span class="n">a</span><span class="p">:</span><span class="mi">94</span><span class="p">:</span><span class="mi">26</span><span class="p">:</span><span class="mi">76</span><span class="p">:</span><span class="n">eb</span><span class="p">:</span><span class="mi">79</span><span class="p">:</span><span class="n">ea</span><span class="p">:</span>
+ <span class="n">e3</span><span class="p">:</span><span class="mi">4</span><span class="n">e</span><span class="p">:</span><span class="n">aa</span><span class="p">:</span><span class="mi">82</span><span class="p">:</span><span class="mi">09</span><span class="p">:</span><span class="mi">4</span><span class="n">f</span><span class="p">:</span><span class="mi">44</span><span class="p">:</span><span class="mi">87</span><span class="p">:</span><span class="mi">4</span><span class="n">a</span><span class="p">:</span><span class="mi">12</span><span class="p">:</span><span class="mi">62</span><span class="p">:</span><span class="n">b5</span><span class="p">:</span><span class="n">d7</span><span class="p">:</span><span class="mi">1</span><span class="n">f</span><span class="p">:</span><span class="n">ca</span><span class="p">:</span>
+ <span class="n">f2</span><span class="p">:</span><span class="n">ce</span><span class="p">:</span><span class="n">d5</span><span class="p">:</span><span class="n">ba</span><span class="p">:</span><span class="mi">7</span><span class="n">e</span><span class="p">:</span><span class="mi">1</span><span class="n">f</span><span class="p">:</span><span class="mi">48</span><span class="p">:</span><span class="n">fd</span><span class="p">:</span><span class="n">b9</span>
+ <span class="n">Exponent</span><span class="p">:</span> <span class="mi">65537</span> <span class="p">(</span><span class="mh">0x10001</span><span class="p">)</span>
+ <span class="n">X509v3</span> <span class="n">extensions</span><span class="p">:</span>
+ <span class="n">X509v3</span> <span class="n">Subject</span> <span class="n">Key</span> <span class="n">Identifier</span><span class="p">:</span>
+ <span class="mi">29</span><span class="p">:</span><span class="n">FB</span><span class="p">:</span><span class="mi">38</span><span class="p">:</span><span class="n">B6</span><span class="p">:</span><span class="n">BF</span><span class="p">:</span><span class="n">E2</span><span class="p">:</span><span class="mi">40</span><span class="p">:</span><span class="n">BB</span><span class="p">:</span><span class="n">FF</span><span class="p">:</span><span class="n">D5</span><span class="p">:</span><span class="mi">71</span><span class="p">:</span><span class="n">D7</span><span class="p">:</span><span class="n">D5</span><span class="p">:</span><span class="n">C4</span><span class="p">:</span><span class="n">F0</span><span class="p">:</span><span class="mi">83</span><span class="p">:</span><span class="mi">1</span><span class="n">A</span><span class="p">:</span><span class="mi">2</span><span class="n">B</span><span class="p">:</span><span class="n">C7</span><span class="p">:</span><span class="mi">99</span>
+ <span class="n">X509v3</span> <span class="n">Authority</span> <span class="n">Key</span> <span class="n">Identifier</span><span class="p">:</span>
+ <span class="n">keyid</span><span class="p">:</span><span class="mi">29</span><span class="p">:</span><span class="n">FB</span><span class="p">:</span><span class="mi">38</span><span class="p">:</span><span class="n">B6</span><span class="p">:</span><span class="n">BF</span><span class="p">:</span><span class="n">E2</span><span class="p">:</span><span class="mi">40</span><span class="p">:</span><span class="n">BB</span><span class="p">:</span><span class="n">FF</span><span class="p">:</span><span class="n">D5</span><span class="p">:</span><span class="mi">71</span><span class="p">:</span><span class="n">D7</span><span class="p">:</span><span class="n">D5</span><span class="p">:</span><span class="n">C4</span><span class="p">:</span><span class="n">F0</span><span class="p">:</span><span class="mi">83</span><span class="p">:</span><span class="mi">1</span><span class="n">A</span><span class="p">:</span><span class="mi">2</span><span class="n">B</span><span class="p">:</span><span class="n">C7</span><span class="p">:</span><span class="mi">99</span>
+ <span class="n">DirName</span><span class="p">:</span><span class="o">/</span><span class="n">C</span><span class="o">=</span><span class="n">SG</span><span class="o">/</span><span class="n">O</span><span class="o">=</span><span class="n">M2Crypto</span><span class="o">/</span><span class="n">CN</span><span class="o">=</span><span class="n">S</span><span class="o">/</span><span class="n">MIME</span> <span class="n">Sender</span><span class="o">/</span><span class="n">Email</span><span class="o">=</span><span class="n">sender</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+ <span class="n">serial</span><span class="p">:</span><span class="mi">00</span>
+
+ <span class="n">X509v3</span> <span class="n">Basic</span> <span class="n">Constraints</span><span class="p">:</span>
+ <span class="n">CA</span><span class="p">:</span><span class="n">TRUE</span>
+ <span class="n">Signature</span> <span class="n">Algorithm</span><span class="p">:</span> <span class="n">md5WithRSAEncryption</span>
+ <span class="mi">68</span><span class="p">:</span><span class="n">c8</span><span class="p">:</span><span class="mi">6</span><span class="n">b</span><span class="p">:</span><span class="mi">1</span><span class="n">b</span><span class="p">:</span><span class="n">fa</span><span class="p">:</span><span class="mi">7</span><span class="n">c</span><span class="p">:</span><span class="mi">9</span><span class="n">a</span><span class="p">:</span><span class="mi">39</span><span class="p">:</span><span class="mi">35</span><span class="p">:</span><span class="mi">76</span><span class="p">:</span><span class="mi">18</span><span class="p">:</span><span class="mi">15</span><span class="p">:</span><span class="n">c9</span><span class="p">:</span><span class="n">fd</span><span class="p">:</span><span class="mi">89</span><span class="p">:</span><span class="mi">97</span><span class="p">:</span><span class="mi">62</span><span class="p">:</span><span class="n">db</span><span class="p">:</span>
+ <span class="mi">7</span><span class="n">a</span><span class="p">:</span><span class="n">b0</span><span class="p">:</span><span class="mi">2</span><span class="n">d</span><span class="p">:</span><span class="mi">13</span><span class="p">:</span><span class="n">dd</span><span class="p">:</span><span class="mi">97</span><span class="p">:</span><span class="n">e8</span><span class="p">:</span><span class="mi">1</span><span class="n">b</span><span class="p">:</span><span class="mi">7</span><span class="n">a</span><span class="p">:</span><span class="mi">9</span><span class="n">f</span><span class="p">:</span><span class="mi">22</span><span class="p">:</span><span class="mi">27</span><span class="p">:</span><span class="mi">83</span><span class="p">:</span><span class="mi">24</span><span class="p">:</span><span class="mi">9</span><span class="n">d</span><span class="p">:</span><span class="mi">2</span><span class="n">e</span><span class="p">:</span><span class="mi">56</span><span class="p">:</span><span class="n">ec</span><span class="p">:</span>
+ <span class="mi">97</span><span class="p">:</span><span class="mi">89</span><span class="p">:</span><span class="mi">3</span><span class="n">c</span><span class="p">:</span><span class="n">ef</span><span class="p">:</span><span class="mi">16</span><span class="p">:</span><span class="mi">55</span><span class="p">:</span><span class="mi">80</span><span class="p">:</span><span class="mi">5</span><span class="n">a</span><span class="p">:</span><span class="mi">18</span><span class="p">:</span><span class="mi">7</span><span class="n">c</span><span class="p">:</span><span class="mi">22</span><span class="p">:</span><span class="n">d0</span><span class="p">:</span><span class="n">f6</span><span class="p">:</span><span class="n">bb</span><span class="p">:</span><span class="n">e3</span><span class="p">:</span><span class="n">a4</span><span class="p">:</span><span class="n">e8</span><span class="p">:</span><span class="mi">59</span><span class="p">:</span>
+ <span class="mi">30</span><span class="p">:</span><span class="n">ff</span><span class="p">:</span><span class="mi">99</span><span class="p">:</span><span class="mi">5</span><span class="n">a</span><span class="p">:</span><span class="mi">93</span><span class="p">:</span><span class="mi">3</span><span class="n">e</span><span class="p">:</span><span class="n">ea</span><span class="p">:</span><span class="n">bc</span><span class="p">:</span><span class="n">ee</span><span class="p">:</span><span class="mi">7</span><span class="n">f</span><span class="p">:</span><span class="mi">8</span><span class="n">d</span><span class="p">:</span><span class="n">d6</span><span class="p">:</span><span class="mi">7</span><span class="n">d</span><span class="p">:</span><span class="mi">37</span><span class="p">:</span><span class="mi">8</span><span class="n">c</span><span class="p">:</span><span class="n">ac</span><span class="p">:</span><span class="mi">3</span><span class="n">d</span><span class="p">:</span><span class="mi">74</span><span class="p">:</span>
+ <span class="mi">80</span><span class="p">:</span><span class="n">ce</span><span class="p">:</span><span class="mi">7</span><span class="n">a</span><span class="p">:</span><span class="mi">99</span><span class="p">:</span><span class="n">ba</span><span class="p">:</span><span class="mi">27</span><span class="p">:</span><span class="n">b9</span><span class="p">:</span><span class="mi">2</span><span class="n">a</span><span class="p">:</span><span class="n">a3</span><span class="p">:</span><span class="mi">71</span><span class="p">:</span><span class="n">fa</span><span class="p">:</span><span class="n">a5</span><span class="p">:</span><span class="mi">25</span><span class="p">:</span><span class="n">ba</span><span class="p">:</span><span class="mi">47</span><span class="p">:</span><span class="mi">17</span><span class="p">:</span><span class="n">df</span><span class="p">:</span><span class="mi">07</span><span class="p">:</span>
+ <span class="mi">56</span><span class="p">:</span><span class="mi">96</span><span class="p">:</span><span class="mi">36</span><span class="p">:</span><span class="n">fd</span><span class="p">:</span><span class="mi">60</span><span class="p">:</span><span class="n">b9</span><span class="p">:</span><span class="mi">6</span><span class="n">c</span><span class="p">:</span><span class="mi">96</span><span class="p">:</span><span class="mi">06</span><span class="p">:</span><span class="n">e8</span><span class="p">:</span><span class="n">e3</span><span class="p">:</span><span class="mi">7</span><span class="n">b</span><span class="p">:</span><span class="mi">9</span><span class="n">f</span><span class="p">:</span><span class="mi">4</span><span class="n">b</span><span class="p">:</span><span class="mi">6</span><span class="n">a</span><span class="p">:</span><span class="mi">95</span><span class="p">:</span><span class="mi">71</span><span class="p">:</span><span class="n">a8</span><span class="p">:</span>
+ <span class="mi">34</span><span class="p">:</span><span class="n">fc</span><span class="p">:</span><span class="n">fc</span><span class="p">:</span><span class="n">b5</span><span class="p">:</span><span class="mi">88</span><span class="p">:</span><span class="mi">8</span><span class="n">b</span><span class="p">:</span><span class="n">c4</span><span class="p">:</span><span class="mi">3</span><span class="n">f</span><span class="p">:</span><span class="mi">1</span><span class="n">e</span><span class="p">:</span><span class="mi">24</span><span class="p">:</span><span class="n">f6</span><span class="p">:</span><span class="mi">52</span><span class="p">:</span><span class="mi">47</span><span class="p">:</span><span class="n">b2</span><span class="p">:</span><span class="mi">7</span><span class="n">d</span><span class="p">:</span><span class="mi">44</span><span class="p">:</span><span class="mi">67</span><span class="p">:</span><span class="n">d9</span><span class="p">:</span>
+ <span class="mi">83</span><span class="p">:</span><span class="n">e8</span>
+</pre></div>
</div>
<p>Next, we generate a self-signed X.509 certificate for the recipient.
-Note that <tt class="docutils literal"><span class="pre">privkey.pem</span></tt> will be recreated:</p>
-<div class="highlight-python"><pre>openssl req -newkey rsa:1024 -nodes -x509 -days 365 -out recipient.pem
-
-Using configuration from /usr/local/pkg/openssl/openssl.cnf
-Generating a 1024 bit RSA private key
-.....................................++++++
-.................++++++
-writing new private key to &#x27;privkey.pem&#x27;
------
-You are about to be asked to enter information that will be incorporated
-into your certificate request.
-What you are about to enter is what is called a Distinguished Name or a DN.
-There are quite a few fields but you can leave some blank
-For some fields there will be a default value,
-If you enter &#x27;.&#x27;, the field will be left blank.
------
-Country Name (2 letter code) [AU]:SG
-State or Province Name (full name) [Some-State]:.
-Locality Name (eg, city) []:.
-Organization Name (eg, company) [Internet Widgits Pty Ltd]:M2Crypto
-Organizational Unit Name (eg, section) []:.
-Common Name (eg, YOUR name) []:S/MIME Recipient
-Email Address []:recipient@example.dom</pre>
-</div>
-<p>Again, rename <tt class="docutils literal"><span class="pre">privkey.pem</span></tt>:</p>
-<div class="highlight-python"><pre>mv privkey.pem recipient_key.pem</pre>
-</div>
-<p>In the examples to follow, S/MIME Sender, <tt class="docutils literal"><span class="pre">&lt;sender&#64;example.dom&gt;</span></tt>,
+Note that <code class="docutils literal"><span class="pre">privkey.pem</span></code> will be recreated:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">openssl</span> <span class="n">req</span> <span class="o">-</span><span class="n">newkey</span> <span class="n">rsa</span><span class="p">:</span><span class="mi">1024</span> <span class="o">-</span><span class="n">nodes</span> <span class="o">-</span><span class="n">x509</span> <span class="o">-</span><span class="n">days</span> <span class="mi">365</span> <span class="o">-</span><span class="n">out</span> <span class="n">recipient</span><span class="o">.</span><span class="n">pem</span>
+
+<span class="n">Using</span> <span class="n">configuration</span> <span class="kn">from</span> <span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">local</span><span class="o">/</span><span class="n">pkg</span><span class="o">/</span><span class="n">openssl</span><span class="o">/</span><span class="n">openssl</span><span class="o">.</span><span class="n">cnf</span>
+<span class="n">Generating</span> <span class="n">a</span> <span class="mi">1024</span> <span class="n">bit</span> <span class="n">RSA</span> <span class="n">private</span> <span class="n">key</span>
+<span class="o">.....................................++++++</span>
+<span class="o">.................++++++</span>
+<span class="n">writing</span> <span class="n">new</span> <span class="n">private</span> <span class="n">key</span> <span class="n">to</span> <span class="s1">&#39;privkey.pem&#39;</span>
+<span class="o">-----</span>
+<span class="n">You</span> <span class="n">are</span> <span class="n">about</span> <span class="n">to</span> <span class="n">be</span> <span class="n">asked</span> <span class="n">to</span> <span class="n">enter</span> <span class="n">information</span> <span class="n">that</span> <span class="n">will</span> <span class="n">be</span> <span class="n">incorporated</span>
+<span class="n">into</span> <span class="n">your</span> <span class="n">certificate</span> <span class="n">request</span><span class="o">.</span>
+<span class="n">What</span> <span class="n">you</span> <span class="n">are</span> <span class="n">about</span> <span class="n">to</span> <span class="n">enter</span> <span class="ow">is</span> <span class="n">what</span> <span class="ow">is</span> <span class="n">called</span> <span class="n">a</span> <span class="n">Distinguished</span> <span class="n">Name</span> <span class="ow">or</span> <span class="n">a</span> <span class="n">DN</span><span class="o">.</span>
+<span class="n">There</span> <span class="n">are</span> <span class="n">quite</span> <span class="n">a</span> <span class="n">few</span> <span class="n">fields</span> <span class="n">but</span> <span class="n">you</span> <span class="n">can</span> <span class="n">leave</span> <span class="n">some</span> <span class="n">blank</span>
+<span class="n">For</span> <span class="n">some</span> <span class="n">fields</span> <span class="n">there</span> <span class="n">will</span> <span class="n">be</span> <span class="n">a</span> <span class="n">default</span> <span class="n">value</span><span class="p">,</span>
+<span class="n">If</span> <span class="n">you</span> <span class="n">enter</span> <span class="s1">&#39;.&#39;</span><span class="p">,</span> <span class="n">the</span> <span class="n">field</span> <span class="n">will</span> <span class="n">be</span> <span class="n">left</span> <span class="n">blank</span><span class="o">.</span>
+<span class="o">-----</span>
+<span class="n">Country</span> <span class="n">Name</span> <span class="p">(</span><span class="mi">2</span> <span class="n">letter</span> <span class="n">code</span><span class="p">)</span> <span class="p">[</span><span class="n">AU</span><span class="p">]:</span><span class="n">SG</span>
+<span class="n">State</span> <span class="ow">or</span> <span class="n">Province</span> <span class="n">Name</span> <span class="p">(</span><span class="n">full</span> <span class="n">name</span><span class="p">)</span> <span class="p">[</span><span class="n">Some</span><span class="o">-</span><span class="n">State</span><span class="p">]:</span><span class="o">.</span>
+<span class="n">Locality</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">city</span><span class="p">)</span> <span class="p">[]:</span><span class="o">.</span>
+<span class="n">Organization</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">company</span><span class="p">)</span> <span class="p">[</span><span class="n">Internet</span> <span class="n">Widgits</span> <span class="n">Pty</span> <span class="n">Ltd</span><span class="p">]:</span><span class="n">M2Crypto</span>
+<span class="n">Organizational</span> <span class="n">Unit</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">section</span><span class="p">)</span> <span class="p">[]:</span><span class="o">.</span>
+<span class="n">Common</span> <span class="n">Name</span> <span class="p">(</span><span class="n">eg</span><span class="p">,</span> <span class="n">YOUR</span> <span class="n">name</span><span class="p">)</span> <span class="p">[]:</span><span class="n">S</span><span class="o">/</span><span class="n">MIME</span> <span class="n">Recipient</span>
+<span class="n">Email</span> <span class="n">Address</span> <span class="p">[]:</span><span class="n">recipient</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+</pre></div>
+</div>
+<p>Again, rename <code class="docutils literal"><span class="pre">privkey.pem</span></code>:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">mv</span> <span class="n">privkey</span><span class="o">.</span><span class="n">pem</span> <span class="n">recipient_key</span><span class="o">.</span><span class="n">pem</span>
+</pre></div>
+</div>
+<p>In the examples to follow, S/MIME Sender, <code class="docutils literal"><span class="pre">&lt;sender&#64;example.dom&gt;</span></code>,
shall be the sender of S/MIME messages, while S/MIME Recipient,
-<tt class="docutils literal"><span class="pre">&lt;recipient&#64;example.dom&gt;</span></tt>, shall be the recipient of S/MIME messages.</p>
+<code class="docutils literal"><span class="pre">&lt;recipient&#64;example.dom&gt;</span></code>, shall be the recipient of S/MIME messages.</p>
<p>Armed with the key pairs and certificates, we are now ready to begin
programming S/MIME in Python.</p>
<blockquote>
<div><p><strong>Note:</strong> The private keys generated above are <em>not
passphrase-protected</em>, i.e., they are <em>in the clear</em>. Anyone who has
access to such a key can generate S/MIME-signed messages with it,
-and decrypt S/MIME messages encrypted to it&#8217;s corresponding public
+and decrypt S/MIME messages encrypted to it’s corresponding public
key.</p>
<p>We may passphrase-protect the keys, if we so choose. M2Crypto will
prompt the user for the passphrase when such a key is being loaded.</p>
@@ -220,23 +217,23 @@ prompt the user for the passphrase when such a key is being loaded.</p>
</div>
<div class="section" id="m2crypto-smime">
<h1>M2Crypto.SMIME<a class="headerlink" href="#m2crypto-smime" title="Permalink to this headline">¶</a></h1>
-<p>The Python programmer accesses M2Crypto&#8217;s S/MIME functionality through
-class <tt class="docutils literal"><span class="pre">SMIME</span></tt> in the module <tt class="docutils literal"><span class="pre">M2Crypto.SMIME</span></tt>. Typically, an
-<tt class="docutils literal"><span class="pre">SMIME</span></tt> object is instantiated; the object is then set up for the
+<p>The Python programmer accesses M2Crypto’s S/MIME functionality through
+class <code class="docutils literal"><span class="pre">SMIME</span></code> in the module <code class="docutils literal"><span class="pre">M2Crypto.SMIME</span></code>. Typically, an
+<code class="docutils literal"><span class="pre">SMIME</span></code> object is instantiated; the object is then set up for the
intended operation: sign, encrypt, decrypt or verify; finally, the
operation is invoked on the object.</p>
-<p><tt class="docutils literal"><span class="pre">M2Crypto.SMIME</span></tt> makes extensive use of <tt class="docutils literal"><span class="pre">M2Crypto.BIO</span></tt>:
-<tt class="docutils literal"><span class="pre">M2Crypto.BIO</span></tt> is a Python abstraction of the <tt class="docutils literal"><span class="pre">BIO</span></tt> abstraction in
-OpenSSL. A commonly used <tt class="docutils literal"><span class="pre">BIO</span></tt> abstraction in M2Crypto is
-<tt class="docutils literal"><span class="pre">M2Crypto.BIO.MemoryBuffer</span></tt>, which implements a memory-based file-like
-object, similar to Python&#8217;s own <tt class="docutils literal"><span class="pre">StringIO</span></tt>.</p>
+<p><code class="docutils literal"><span class="pre">M2Crypto.SMIME</span></code> makes extensive use of <code class="docutils literal"><span class="pre">M2Crypto.BIO</span></code>:
+<code class="docutils literal"><span class="pre">M2Crypto.BIO</span></code> is a Python abstraction of the <code class="docutils literal"><span class="pre">BIO</span></code> abstraction in
+OpenSSL. A commonly used <code class="docutils literal"><span class="pre">BIO</span></code> abstraction in M2Crypto is
+<code class="docutils literal"><span class="pre">M2Crypto.BIO.MemoryBuffer</span></code>, which implements a memory-based file-like
+object, similar to Python’s own <code class="docutils literal"><span class="pre">StringIO</span></code>.</p>
</div>
<div class="section" id="sign">
<h1>Sign<a class="headerlink" href="#sign" title="Permalink to this headline">¶</a></h1>
<p>The following code demonstrates how to generate an S/MIME-signed
-message. <tt class="docutils literal"><span class="pre">randpool.dat</span></tt> contains random data which is used to seed
-OpenSSL&#8217;s pseudo-random number generator via M2Crypto:</p>
-<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="kn">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">Rand</span><span class="p">,</span> <span class="n">SMIME</span>
+message. <code class="docutils literal"><span class="pre">randpool.dat</span></code> contains random data which is used to seed
+OpenSSL’s pseudo-random number generator via M2Crypto:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="k">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">Rand</span><span class="p">,</span> <span class="n">SMIME</span>
<span class="k">def</span> <span class="nf">makebuf</span><span class="p">(</span><span class="n">text</span><span class="p">):</span>
<span class="k">return</span> <span class="n">BIO</span><span class="o">.</span><span class="n">MemoryBuffer</span><span class="p">(</span><span class="n">text</span><span class="p">)</span>
@@ -253,14 +250,14 @@ OpenSSL&#8217;s pseudo-random number generator via M2Crypto:</p>
<span class="n">p7</span> <span class="o">=</span> <span class="n">s</span><span class="o">.</span><span class="n">sign</span><span class="p">(</span><span class="n">buf</span><span class="p">,</span> <span class="n">SMIME</span><span class="o">.</span><span class="n">PKCS7_DETACHED</span><span class="p">)</span>
</pre></div>
</div>
-<p><tt class="docutils literal"><span class="pre">p7</span></tt> now contains a <em>PKCS #7 signature blob</em> wrapped in an
-<tt class="docutils literal"><span class="pre">M2Crypto.SMIME.PKCS7</span></tt> object. Note that <tt class="docutils literal"><span class="pre">buf</span></tt> has been consumed by
-<tt class="docutils literal"><span class="pre">sign()</span></tt> and has to be recreated if it is to be used again.</p>
+<p><code class="docutils literal"><span class="pre">p7</span></code> now contains a <em>PKCS #7 signature blob</em> wrapped in an
+<code class="docutils literal"><span class="pre">M2Crypto.SMIME.PKCS7</span></code> object. Note that <code class="docutils literal"><span class="pre">buf</span></code> has been consumed by
+<code class="docutils literal"><span class="pre">sign()</span></code> and has to be recreated if it is to be used again.</p>
<p>We may now send the signed message via SMTP. In these examples, we shall
-not do so; instead, we&#8217;ll render the S/MIME output in mail-friendly
+not do so; instead, we’ll render the S/MIME output in mail-friendly
format, and pretend that our messages are sent and received
correctly:</p>
-<div class="highlight-python"><div class="highlight"><pre><span></span><span class="c1"># Recreate buf.</span>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="c1"># Recreate buf.</span>
<span class="n">buf</span> <span class="o">=</span> <span class="n">makebuf</span><span class="p">(</span><span class="s1">&#39;a sign of our times&#39;</span><span class="p">)</span>
<span class="c1"># Output p7 in mail-friendly format.</span>
@@ -270,64 +267,65 @@ correctly:</p>
<span class="n">out</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="s1">&#39;Subject: M2Crypto S/MIME testing</span><span class="se">\n</span><span class="s1">&#39;</span><span class="p">)</span>
<span class="n">s</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="n">out</span><span class="p">,</span> <span class="n">p7</span><span class="p">,</span> <span class="n">buf</span><span class="p">)</span>
-<span class="k">print</span><span class="p">(</span><span class="n">out</span><span class="o">.</span><span class="n">read</span><span class="p">())</span>
+<span class="nb">print</span><span class="p">(</span><span class="n">out</span><span class="o">.</span><span class="n">read</span><span class="p">())</span>
<span class="c1"># Save the PRNG&#39;s state.</span>
<span class="n">Rand</span><span class="o">.</span><span class="n">save_file</span><span class="p">(</span><span class="s1">&#39;randpool.dat&#39;</span><span class="p">)</span>
</pre></div>
</div>
-<p>Here&#8217;s the output:</p>
-<div class="highlight-python"><pre>From: sender@example.dom
-To: recipient@example.dom
-Subject: M2Crypto S/MIME testing
-MIME-Version: 1.0
-Content-Type: multipart/signed ; protocol=&quot;application/x-pkcs7-signature&quot; ; micalg=sha1 ; boundary=&quot;----3C93156FC7B4EBF49FE9C7DB7F503087&quot;
-
-This is an S/MIME signed message
-
-------3C93156FC7B4EBF49FE9C7DB7F503087
-a sign of our times
-------3C93156FC7B4EBF49FE9C7DB7F503087
-Content-Type: application/x-pkcs7-signature; name=&quot;smime.p7s&quot;
-Content-Transfer-Encoding: base64
-Content-Disposition: attachment; filename=&quot;smime.p7s&quot;
-
-MIIE8AYJKoZIhvcNAQcCoIIE4TCCBN0CAQExCzAJBgUrDgMCGgUAMCIGCSqGSIb3
-DQEHAaAVBBNhIHNpZ24gb2Ygb3VyIHRpbWVzoIIC5zCCAuMwggJMoAMCAQICAQAw
-DQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRv
-MRYwFAYDVQQDEw1TL01JTUUgU2VuZGVyMSEwHwYJKoZIhvcNAQkBFhJzZW5kZXJA
-ZXhhbXBsZS5kb20wHhcNMDEwMzMxMTE0MDMzWhcNMDIwMzMxMTE0MDMzWjBbMQsw
-CQYDVQQGEwJTRzERMA8GA1UEChMITTJDcnlwdG8xFjAUBgNVBAMTDVMvTUlNRSBT
-ZW5kZXIxITAfBgkqhkiG9w0BCQEWEnNlbmRlckBleGFtcGxlLmRvbTCBnzANBgkq
-hkiG9w0BAQEFAAOBjQAwgYkCgYEA5c5Tj1CHTSOxa1q2q0FYiwMWYHptJpJcvtZm
-UwrgU5sHrA8OnCM0cDXEj0KPf3cfNjHffB8HWMzI4UEgNmFXQNsxoGZ+iqwxLlNj
-y9Mh7eFW/Bjq5hNXbouSlQ0rWBRkoxV64y+t6lQehb32WfYXQbKFxFJSXzSxOx3R
-8YhSPd0CAwEAAaOBtjCBszAdBgNVHQ4EFgQUXOyolL1t4jaBwZFRM7MS8nBLzUow
-gYMGA1UdIwR8MHqAFFzsqJS9beI2gcGRUTOzEvJwS81KoV+kXTBbMQswCQYDVQQG
-EwJTRzERMA8GA1UEChMITTJDcnlwdG8xFjAUBgNVBAMTDVMvTUlNRSBTZW5kZXIx
-ITAfBgkqhkiG9w0BCQEWEnNlbmRlckBleGFtcGxlLmRvbYIBADAMBgNVHRMEBTAD
-AQH/MA0GCSqGSIb3DQEBBAUAA4GBAHo3DrCHR86fSTVAvfiXdSswWqKtCEhUHRdC
-TLFGl4hDk2GyZxaFuqZwiURz/H7nMicymI2wkz8H/wyHFg8G3BIehURpj2v/ZWXY
-eovbgS7EZALVVkDj4hNl/IIHWd6Gtv1UODf7URbxtl3hQ9/eTWITrefT1heuPnar
-8czydsOLMYIBujCCAbYCAQEwYDBbMQswCQYDVQQGEwJTRzERMA8GA1UEChMITTJD
-cnlwdG8xFjAUBgNVBAMTDVMvTUlNRSBTZW5kZXIxITAfBgkqhkiG9w0BCQEWEnNl
-bmRlckBleGFtcGxlLmRvbQIBADAJBgUrDgMCGgUAoIGxMBgGCSqGSIb3DQEJAzEL
-BgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTAxMDMzMTExNDUwMlowIwYJKoZI
-hvcNAQkEMRYEFOoeRUd8ExIYXfQq8BTFuKWrSP3iMFIGCSqGSIb3DQEJDzFFMEMw
-CgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsO
-AwIHMA0GCCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABIGAQpU8hFUtLCF6hO2t
-ec9EYJ/Imqqiiw+BxWxkUUVT81Vbjwdn9JST6+sztM5JRP2ZW+b4txEjZriYC8f3
-kv95YMTGbIsuWkJ93GrbvqoJ/CxO23r9WWRnZEm/1EZN9ZmlrYqzBTxnNRmP3Dhj
-cW8kzZwH+2/2zz2G7x1HxRWH95A=
-
-------3C93156FC7B4EBF49FE9C7DB7F503087--</pre>
+<p>Here’s the output:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">From</span><span class="p">:</span> <span class="n">sender</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+<span class="n">To</span><span class="p">:</span> <span class="n">recipient</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+<span class="n">Subject</span><span class="p">:</span> <span class="n">M2Crypto</span> <span class="n">S</span><span class="o">/</span><span class="n">MIME</span> <span class="n">testing</span>
+<span class="n">MIME</span><span class="o">-</span><span class="n">Version</span><span class="p">:</span> <span class="mf">1.0</span>
+<span class="n">Content</span><span class="o">-</span><span class="n">Type</span><span class="p">:</span> <span class="n">multipart</span><span class="o">/</span><span class="n">signed</span> <span class="p">;</span> <span class="n">protocol</span><span class="o">=</span><span class="s2">&quot;application/x-pkcs7-signature&quot;</span> <span class="p">;</span> <span class="n">micalg</span><span class="o">=</span><span class="n">sha1</span> <span class="p">;</span> <span class="n">boundary</span><span class="o">=</span><span class="s2">&quot;----3C93156FC7B4EBF49FE9C7DB7F503087&quot;</span>
+
+<span class="n">This</span> <span class="ow">is</span> <span class="n">an</span> <span class="n">S</span><span class="o">/</span><span class="n">MIME</span> <span class="n">signed</span> <span class="n">message</span>
+
+<span class="o">------</span><span class="mi">3</span><span class="n">C93156FC7B4EBF49FE9C7DB7F503087</span>
+<span class="n">a</span> <span class="n">sign</span> <span class="n">of</span> <span class="n">our</span> <span class="n">times</span>
+<span class="o">------</span><span class="mi">3</span><span class="n">C93156FC7B4EBF49FE9C7DB7F503087</span>
+<span class="n">Content</span><span class="o">-</span><span class="n">Type</span><span class="p">:</span> <span class="n">application</span><span class="o">/</span><span class="n">x</span><span class="o">-</span><span class="n">pkcs7</span><span class="o">-</span><span class="n">signature</span><span class="p">;</span> <span class="n">name</span><span class="o">=</span><span class="s2">&quot;smime.p7s&quot;</span>
+<span class="n">Content</span><span class="o">-</span><span class="n">Transfer</span><span class="o">-</span><span class="n">Encoding</span><span class="p">:</span> <span class="n">base64</span>
+<span class="n">Content</span><span class="o">-</span><span class="n">Disposition</span><span class="p">:</span> <span class="n">attachment</span><span class="p">;</span> <span class="n">filename</span><span class="o">=</span><span class="s2">&quot;smime.p7s&quot;</span>
+
+<span class="n">MIIE8AYJKoZIhvcNAQcCoIIE4TCCBN0CAQExCzAJBgUrDgMCGgUAMCIGCSqGSIb3</span>
+<span class="n">DQEHAaAVBBNhIHNpZ24gb2Ygb3VyIHRpbWVzoIIC5zCCAuMwggJMoAMCAQICAQAw</span>
+<span class="n">DQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRv</span>
+<span class="n">MRYwFAYDVQQDEw1TL01JTUUgU2VuZGVyMSEwHwYJKoZIhvcNAQkBFhJzZW5kZXJA</span>
+<span class="n">ZXhhbXBsZS5kb20wHhcNMDEwMzMxMTE0MDMzWhcNMDIwMzMxMTE0MDMzWjBbMQsw</span>
+<span class="n">CQYDVQQGEwJTRzERMA8GA1UEChMITTJDcnlwdG8xFjAUBgNVBAMTDVMvTUlNRSBT</span>
+<span class="n">ZW5kZXIxITAfBgkqhkiG9w0BCQEWEnNlbmRlckBleGFtcGxlLmRvbTCBnzANBgkq</span>
+<span class="n">hkiG9w0BAQEFAAOBjQAwgYkCgYEA5c5Tj1CHTSOxa1q2q0FYiwMWYHptJpJcvtZm</span>
+<span class="n">UwrgU5sHrA8OnCM0cDXEj0KPf3cfNjHffB8HWMzI4UEgNmFXQNsxoGZ</span><span class="o">+</span><span class="n">iqwxLlNj</span>
+<span class="n">y9Mh7eFW</span><span class="o">/</span><span class="n">Bjq5hNXbouSlQ0rWBRkoxV64y</span><span class="o">+</span><span class="n">t6lQehb32WfYXQbKFxFJSXzSxOx3R</span>
+<span class="mi">8</span><span class="n">YhSPd0CAwEAAaOBtjCBszAdBgNVHQ4EFgQUXOyolL1t4jaBwZFRM7MS8nBLzUow</span>
+<span class="n">gYMGA1UdIwR8MHqAFFzsqJS9beI2gcGRUTOzEvJwS81KoV</span><span class="o">+</span><span class="n">kXTBbMQswCQYDVQQG</span>
+<span class="n">EwJTRzERMA8GA1UEChMITTJDcnlwdG8xFjAUBgNVBAMTDVMvTUlNRSBTZW5kZXIx</span>
+<span class="n">ITAfBgkqhkiG9w0BCQEWEnNlbmRlckBleGFtcGxlLmRvbYIBADAMBgNVHRMEBTAD</span>
+<span class="n">AQH</span><span class="o">/</span><span class="n">MA0GCSqGSIb3DQEBBAUAA4GBAHo3DrCHR86fSTVAvfiXdSswWqKtCEhUHRdC</span>
+<span class="n">TLFGl4hDk2GyZxaFuqZwiURz</span><span class="o">/</span><span class="n">H7nMicymI2wkz8H</span><span class="o">/</span><span class="n">wyHFg8G3BIehURpj2v</span><span class="o">/</span><span class="n">ZWXY</span>
+<span class="n">eovbgS7EZALVVkDj4hNl</span><span class="o">/</span><span class="n">IIHWd6Gtv1UODf7URbxtl3hQ9</span><span class="o">/</span><span class="n">eTWITrefT1heuPnar</span>
+<span class="mi">8</span><span class="n">czydsOLMYIBujCCAbYCAQEwYDBbMQswCQYDVQQGEwJTRzERMA8GA1UEChMITTJD</span>
+<span class="n">cnlwdG8xFjAUBgNVBAMTDVMvTUlNRSBTZW5kZXIxITAfBgkqhkiG9w0BCQEWEnNl</span>
+<span class="n">bmRlckBleGFtcGxlLmRvbQIBADAJBgUrDgMCGgUAoIGxMBgGCSqGSIb3DQEJAzEL</span>
+<span class="n">BgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTAxMDMzMTExNDUwMlowIwYJKoZI</span>
+<span class="n">hvcNAQkEMRYEFOoeRUd8ExIYXfQq8BTFuKWrSP3iMFIGCSqGSIb3DQEJDzFFMEMw</span>
+<span class="n">CgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsO</span>
+<span class="n">AwIHMA0GCCqGSIb3DQMCAgEoMA0GCSqGSIb3DQEBAQUABIGAQpU8hFUtLCF6hO2t</span>
+<span class="n">ec9EYJ</span><span class="o">/</span><span class="n">Imqqiiw</span><span class="o">+</span><span class="n">BxWxkUUVT81Vbjwdn9JST6</span><span class="o">+</span><span class="n">sztM5JRP2ZW</span><span class="o">+</span><span class="n">b4txEjZriYC8f3</span>
+<span class="n">kv95YMTGbIsuWkJ93GrbvqoJ</span><span class="o">/</span><span class="n">CxO23r9WWRnZEm</span><span class="o">/</span><span class="mi">1</span><span class="n">EZN9ZmlrYqzBTxnNRmP3Dhj</span>
+<span class="n">cW8kzZwH</span><span class="o">+</span><span class="mi">2</span><span class="o">/</span><span class="mi">2</span><span class="n">zz2G7x1HxRWH95A</span><span class="o">=</span>
+
+<span class="o">------</span><span class="mi">3</span><span class="n">C93156FC7B4EBF49FE9C7DB7F503087</span><span class="o">--</span>
+</pre></div>
</div>
</div>
<div class="section" id="verify">
<h1>Verify<a class="headerlink" href="#verify" title="Permalink to this headline">¶</a></h1>
-<p>Assume the above output has been saved into <tt class="docutils literal"><span class="pre">sign.p7</span></tt>. Let&#8217;s now
+<p>Assume the above output has been saved into <code class="docutils literal"><span class="pre">sign.p7</span></code>. Let’s now
verify the signature:</p>
-<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="kn">import</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="k">import</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
<span class="c1"># Instantiate an SMIME object.</span>
<span class="n">s</span> <span class="o">=</span> <span class="n">SMIME</span><span class="o">.</span><span class="n">SMIME</span><span class="p">()</span>
@@ -347,36 +345,38 @@ verify the signature:</p>
<span class="c1"># Load the data, verify it.</span>
<span class="n">p7</span><span class="p">,</span> <span class="n">data</span> <span class="o">=</span> <span class="n">SMIME</span><span class="o">.</span><span class="n">smime_load_pkcs7</span><span class="p">(</span><span class="s1">&#39;sign.p7&#39;</span><span class="p">)</span>
<span class="n">v</span> <span class="o">=</span> <span class="n">s</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="n">p7</span><span class="p">,</span> <span class="n">data</span><span class="p">)</span>
-<span class="k">print</span><span class="p">(</span><span class="n">v</span><span class="p">)</span>
-<span class="k">print</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
-<span class="k">print</span><span class="p">(</span><span class="n">data</span><span class="o">.</span><span class="n">read</span><span class="p">())</span>
+<span class="nb">print</span><span class="p">(</span><span class="n">v</span><span class="p">)</span>
+<span class="nb">print</span><span class="p">(</span><span class="n">data</span><span class="p">)</span>
+<span class="nb">print</span><span class="p">(</span><span class="n">data</span><span class="o">.</span><span class="n">read</span><span class="p">())</span>
</pre></div>
</div>
-<p>Here&#8217;s the output of the above program:</p>
-<div class="highlight-python"><pre>a sign of our times
-&lt;M2Crypto.BIO.BIO instance at 0x822012c&gt;
-a sign of our times</pre>
+<p>Here’s the output of the above program:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">a</span> <span class="n">sign</span> <span class="n">of</span> <span class="n">our</span> <span class="n">times</span>
+<span class="o">&lt;</span><span class="n">M2Crypto</span><span class="o">.</span><span class="n">BIO</span><span class="o">.</span><span class="n">BIO</span> <span class="n">instance</span> <span class="n">at</span> <span class="mh">0x822012c</span><span class="o">&gt;</span>
+<span class="n">a</span> <span class="n">sign</span> <span class="n">of</span> <span class="n">our</span> <span class="n">times</span>
+</pre></div>
</div>
-<p>Suppose, instead of loading <tt class="docutils literal"><span class="pre">signer.pem</span></tt> above, we load
-<tt class="docutils literal"><span class="pre">recipient.pem</span></tt>. That is, we do a global substitution of
-<tt class="docutils literal"><span class="pre">recipient.pem</span></tt> for <tt class="docutils literal"><span class="pre">signer.pem</span></tt> in the above program. Here&#8217;s the
-modified program&#8217;s output:</p>
-<div class="highlight-python"><pre>Traceback (most recent call last):
+<p>Suppose, instead of loading <code class="docutils literal"><span class="pre">signer.pem</span></code> above, we load
+<code class="docutils literal"><span class="pre">recipient.pem</span></code>. That is, we do a global substitution of
+<code class="docutils literal"><span class="pre">recipient.pem</span></code> for <code class="docutils literal"><span class="pre">signer.pem</span></code> in the above program. Here’s the
+modified program’s output:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span>Traceback (most recent call last):
File &quot;./verify.py&quot;, line 22, in ?
v = s.verify(p7)
File &quot;/usr/local/home/ngps/prog/m2/M2Crypto/SMIME.py&quot;, line 205, in verify
raise SMIME_Error, Err.get_error()
-M2Crypto.SMIME.SMIME_Error: 312:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify error:pk7_smime.c:213:Verify error:self signed certificate</pre>
+M2Crypto.SMIME.SMIME_Error: 312:error:21075075:PKCS7 routines:PKCS7_verify:certificate verify error:pk7_smime.c:213:Verify error:self signed certificate
+</pre></div>
</div>
-<p>As displayed, the error is generated by line 213 of OpenSSL&#8217;s
-<tt class="docutils literal"><span class="pre">pk7_smime.c</span></tt> (as of OpenSSL 0.9.6); if you are a C programmer, you
-may wish to look up the C source to explore OpenSSL&#8217;s S/MIME
+<p>As displayed, the error is generated by line 213 of OpenSSL’s
+<code class="docutils literal"><span class="pre">pk7_smime.c</span></code> (as of OpenSSL 0.9.6); if you are a C programmer, you
+may wish to look up the C source to explore OpenSSL’s S/MIME
implementation and understand why the error message is worded thus.</p>
</div>
<div class="section" id="encrypt">
<h1>Encrypt<a class="headerlink" href="#encrypt" title="Permalink to this headline">¶</a></h1>
<p>We now demonstrate how to generate an S/MIME-encrypted message:</p>
-<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="kn">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">Rand</span><span class="p">,</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="k">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">Rand</span><span class="p">,</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
<span class="k">def</span> <span class="nf">makebuf</span><span class="p">(</span><span class="n">text</span><span class="p">):</span>
<span class="k">return</span> <span class="n">BIO</span><span class="o">.</span><span class="n">MemoryBuffer</span><span class="p">(</span><span class="n">text</span><span class="p">)</span>
@@ -409,36 +409,37 @@ implementation and understand why the error message is worded thus.</p>
<span class="n">out</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="s1">&#39;Subject: M2Crypto S/MIME testing</span><span class="se">\n</span><span class="s1">&#39;</span><span class="p">)</span>
<span class="n">s</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="n">out</span><span class="p">,</span> <span class="n">p7</span><span class="p">)</span>
-<span class="k">print</span><span class="p">(</span><span class="n">out</span><span class="o">.</span><span class="n">read</span><span class="p">())</span>
+<span class="nb">print</span><span class="p">(</span><span class="n">out</span><span class="o">.</span><span class="n">read</span><span class="p">())</span>
<span class="c1"># Save the PRNG&#39;s state.</span>
<span class="n">Rand</span><span class="o">.</span><span class="n">save_file</span><span class="p">(</span><span class="s1">&#39;randpool.dat&#39;</span><span class="p">)</span>
</pre></div>
</div>
-<p>Here&#8217;s the output of the above program:</p>
-<div class="highlight-python"><pre>From: sender@example.dom
-To: recipient@example.dom
-Subject: M2Crypto S/MIME testing
-MIME-Version: 1.0
-Content-Disposition: attachment; filename=&quot;smime.p7m&quot;
-Content-Type: application/x-pkcs7-mime; name=&quot;smime.p7m&quot;
-Content-Transfer-Encoding: base64
-
-MIIBVwYJKoZIhvcNAQcDoIIBSDCCAUQCAQAxggEAMIH9AgEAMGYwYTELMAkGA1UE
-BhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRvMRkwFwYDVQQDExBTL01JTUUgUmVjaXBp
-ZW50MSQwIgYJKoZIhvcNAQkBFhVyZWNpcGllbnRAZXhhbXBsZS5kb20CAQAwDQYJ
-KoZIhvcNAQEBBQAEgYCBaXZ+qjpBEZwdP7gjfzfAtQitESyMwo3i+LBOw6sSDir6
-FlNDPCnkrTvqDX3Rt6X6vBtTCYOm+qiN7ujPkOU61cN7h8dvHR8YW9+0IPY80/W0
-lZ/HihSRgwTNd7LnxUUcPx8YV1id0dlmP0Hz+Lg+mHf6rqaR//JcYhX9vW4XvjA7
-BgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECMN+qya6ADywgBgHr9Jkhwn5Gsdu7BwX
-nIQfYTYcdL9I5Sk=</pre>
+<p>Here’s the output of the above program:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">From</span><span class="p">:</span> <span class="n">sender</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+<span class="n">To</span><span class="p">:</span> <span class="n">recipient</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+<span class="n">Subject</span><span class="p">:</span> <span class="n">M2Crypto</span> <span class="n">S</span><span class="o">/</span><span class="n">MIME</span> <span class="n">testing</span>
+<span class="n">MIME</span><span class="o">-</span><span class="n">Version</span><span class="p">:</span> <span class="mf">1.0</span>
+<span class="n">Content</span><span class="o">-</span><span class="n">Disposition</span><span class="p">:</span> <span class="n">attachment</span><span class="p">;</span> <span class="n">filename</span><span class="o">=</span><span class="s2">&quot;smime.p7m&quot;</span>
+<span class="n">Content</span><span class="o">-</span><span class="n">Type</span><span class="p">:</span> <span class="n">application</span><span class="o">/</span><span class="n">x</span><span class="o">-</span><span class="n">pkcs7</span><span class="o">-</span><span class="n">mime</span><span class="p">;</span> <span class="n">name</span><span class="o">=</span><span class="s2">&quot;smime.p7m&quot;</span>
+<span class="n">Content</span><span class="o">-</span><span class="n">Transfer</span><span class="o">-</span><span class="n">Encoding</span><span class="p">:</span> <span class="n">base64</span>
+
+<span class="n">MIIBVwYJKoZIhvcNAQcDoIIBSDCCAUQCAQAxggEAMIH9AgEAMGYwYTELMAkGA1UE</span>
+<span class="n">BhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRvMRkwFwYDVQQDExBTL01JTUUgUmVjaXBp</span>
+<span class="n">ZW50MSQwIgYJKoZIhvcNAQkBFhVyZWNpcGllbnRAZXhhbXBsZS5kb20CAQAwDQYJ</span>
+<span class="n">KoZIhvcNAQEBBQAEgYCBaXZ</span><span class="o">+</span><span class="n">qjpBEZwdP7gjfzfAtQitESyMwo3i</span><span class="o">+</span><span class="n">LBOw6sSDir6</span>
+<span class="n">FlNDPCnkrTvqDX3Rt6X6vBtTCYOm</span><span class="o">+</span><span class="n">qiN7ujPkOU61cN7h8dvHR8YW9</span><span class="o">+</span><span class="mi">0</span><span class="n">IPY80</span><span class="o">/</span><span class="n">W0</span>
+<span class="n">lZ</span><span class="o">/</span><span class="n">HihSRgwTNd7LnxUUcPx8YV1id0dlmP0Hz</span><span class="o">+</span><span class="n">Lg</span><span class="o">+</span><span class="n">mHf6rqaR</span><span class="o">//</span><span class="n">JcYhX9vW4XvjA7</span>
+<span class="n">BgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcECMN</span><span class="o">+</span><span class="n">qya6ADywgBgHr9Jkhwn5Gsdu7BwX</span>
+<span class="n">nIQfYTYcdL9I5Sk</span><span class="o">=</span>
+</pre></div>
</div>
</div>
<div class="section" id="decrypt">
<h1>Decrypt<a class="headerlink" href="#decrypt" title="Permalink to this headline">¶</a></h1>
-<p>Assume the above output has been saved into <tt class="docutils literal"><span class="pre">encrypt.p7</span></tt>. Decrypt the
+<p>Assume the above output has been saved into <code class="docutils literal"><span class="pre">encrypt.p7</span></code>. Decrypt the
message thusly:</p>
-<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="kn">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="k">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
<span class="c1"># Instantiate an SMIME object.</span>
<span class="n">s</span> <span class="o">=</span> <span class="n">SMIME</span><span class="o">.</span><span class="n">SMIME</span><span class="p">()</span>
@@ -452,17 +453,18 @@ message thusly:</p>
<span class="c1"># Decrypt p7.</span>
<span class="n">out</span> <span class="o">=</span> <span class="n">s</span><span class="o">.</span><span class="n">decrypt</span><span class="p">(</span><span class="n">p7</span><span class="p">)</span>
-<span class="k">print</span><span class="p">(</span><span class="n">out</span><span class="p">)</span>
+<span class="nb">print</span><span class="p">(</span><span class="n">out</span><span class="p">)</span>
</pre></div>
</div>
-<p>Here&#8217;s the output:</p>
-<div class="highlight-python"><pre>a sign of our times</pre>
+<p>Here’s the output:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">a</span> <span class="n">sign</span> <span class="n">of</span> <span class="n">our</span> <span class="n">times</span>
+</pre></div>
</div>
</div>
<div class="section" id="sign-and-encrypt">
<h1>Sign and Encrypt<a class="headerlink" href="#sign-and-encrypt" title="Permalink to this headline">¶</a></h1>
-<p>Here&#8217;s how to generate an S/MIME-signed/encrypted message:</p>
-<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="kn">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">Rand</span><span class="p">,</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
+<p>Here’s how to generate an S/MIME-signed/encrypted message:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="k">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">Rand</span><span class="p">,</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
<span class="k">def</span> <span class="nf">makebuf</span><span class="p">(</span><span class="n">text</span><span class="p">):</span>
<span class="k">return</span> <span class="n">BIO</span><span class="o">.</span><span class="n">MemoryBuffer</span><span class="p">(</span><span class="n">text</span><span class="p">)</span>
@@ -505,75 +507,76 @@ message thusly:</p>
<span class="n">out</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="s1">&#39;Subject: M2Crypto S/MIME testing</span><span class="se">\n</span><span class="s1">&#39;</span><span class="p">)</span>
<span class="n">s</span><span class="o">.</span><span class="n">write</span><span class="p">(</span><span class="n">out</span><span class="p">,</span> <span class="n">p7</span><span class="p">)</span>
-<span class="k">print</span><span class="p">(</span><span class="n">out</span><span class="o">.</span><span class="n">read</span><span class="p">())</span>
+<span class="nb">print</span><span class="p">(</span><span class="n">out</span><span class="o">.</span><span class="n">read</span><span class="p">())</span>
<span class="c1"># Save the PRNG&#39;s state.</span>
<span class="n">Rand</span><span class="o">.</span><span class="n">save_file</span><span class="p">(</span><span class="s1">&#39;randpool.dat&#39;</span><span class="p">)</span>
</pre></div>
</div>
-<p>Here&#8217;s the output of the above program:</p>
-<div class="highlight-python"><pre>From: sender@example.dom
-To: recipient@example.dom
-Subject: M2Crypto S/MIME testing
-MIME-Version: 1.0
-Content-Disposition: attachment; filename=&quot;smime.p7m&quot;
-Content-Type: application/x-pkcs7-mime; name=&quot;smime.p7m&quot;
-Content-Transfer-Encoding: base64
-
-MIIIwwYJKoZIhvcNAQcDoIIItDCCCLACAQAxggEAMIH9AgEAMGYwYTELMAkGA1UE
-BhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRvMRkwFwYDVQQDExBTL01JTUUgUmVjaXBp
-ZW50MSQwIgYJKoZIhvcNAQkBFhVyZWNpcGllbnRAZXhhbXBsZS5kb20CAQAwDQYJ
-KoZIhvcNAQEBBQAEgYBlZlGupFphwhsGtIAPvDExN61qisz3oem88xoXkUW0SzoR
-B9zJFFAuQTWzdNJgrKKYikhWjDojaAc/PFl1K5dYxRgtZLB36ULJD/v/yWmxnjz8
-TvtK+Wbal2P/MH2pZ4LVERXa/snTElhCawUlwtiFz/JvY5CiF/dcwd+AwFQq4jCC
-B6UGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIRF525UfwszaAggeA85RmX6AXQMxb
-eBDz/LJeCgc3RqU1UwIsbKMquIs1S46Ebbm5nP75izPnujOkJ2hv+LNzqOWADmOl
-+CnGEq1qxTyduIgUDA2nBgCL/gVyVy+/XC9dtImUUTxtxLgYtB0ujkBNsOaENOlM
-fv4SGM3jkR+K/xlYG6HHzZGbfYyNGj2Y7yMZ1rL1m8SnRNmkCysKGTrudeNf6wT9
-J6wO9DzLTioz3ZnVr3LjsSKIb4tIp4ugqNJaLuW7m3FtZ3MAgxN68hBbJs8TZ8tL
-V/0jwUqS+grcgZEb9ymfcedxahtDUfHjRkpDpsxZzVVGkSBNcbQu92oByQVnRQ8m
-wrYLp3/eawM5AvuV7HNpTT5ZR+1t8luishHN9899IMP2Vyg0Ub67FqFypYmM2cm2
-sjAI4KpfvT00XFNvgLuYwYEKs9syGTO7hiHNQKcF44F5LYv6nTFwmFQB11dAtY9V
-ull4D2CLDx9OvyNyKwdEZB5dyV0r/uKIdkhST60V2Q9KegpzgFpoZtSKM/HPYSVH
-1Bc9f3Q/GqZCvNZZCMx8UvRjQR8dRWDSmPJ0VXG1+wJ+fCmSPP3AuQ1/VsgPRqx2
-56VrpGPpGut40hV8xQFbWIZ2whwWLKPFAHj8B79ZtFUzUrU6Z2rNpvv8inHc/+S/
-b6GR5s8/gucRblvd7n3OFNX5UJmPmcw9zWbu/1Dr9DY8l0nAQh21y5FGSS8B1wdE
-oD2M3Lp7JbwjQbRtnDhImqul2S4yu+m+wDD1aR2K4k3GAI7KKgOBWT0+BDClcn8A
-4Ju6/YUbj33YlMPJgnGijLnolFy0hNW7TmWqR+8tSI3wO5eNKg4qwBnarqc3vgCV
-quVxINAXyGQCO9lzdw6hudk8/+BlweGdqhONaIWbK5z1L/SfQo6LC9MTsj7FJydq
-bc+kEbfZS8aSq7uc9axW6Ti0eAPJ8EVHtwhSBgZQRweKFBXs6HbbhMIdc4N0M7Oq
-UiFXaF6s4n2uihVP6TqXtHEjTpZoC7pC+HCYiuKXUJtaqtXBOh+y3KLvHk09YL6D
-XmTDg+UTiFsh4jKKm/BhdelbR5JbpJcj5AId76Mfr8+F/1g9ePOvsWHpQr/oIQTo
-xEkaxCmzEgP0b6caMWfMUQrbVGxBBNcqKc/ir9fGGOPHATzzq/xLcQYvK1tZhd/D
-ah/gpMPndsyvVCEuFPluWyDiM0VkwHgC2/3pJIYFHaxK64IutmPsy393rHMEB4kN
-AHau6kWK+yL9qEVH1pP2zvswQ12P7gjt3T/G3bGsmvlXkEfztfjkXo6XnjcBNf5y
-G+974AKLcjnk1gzIgarz+lAMY57Gkw4oNDMrTqVQ2OJQlvOSbllPXzH+aAiavB8W
-ZPECLLwHxD4B1AuaiAArgKl935u/TOB+yQOR8JgGsUzROyJqHJ/SC51HkebgCkL1
-aggtjgPlIBEXLZAlhpWLZ9lAQyrQpvCVJYwaOvfMmvRav4NAFNoZ2/Q7S4Tn1z+U
-XX+f+GD58P4MPMhU5IKnz4yH4nlHnAiTEvcs85TZUAXze9g/uBOwZITeGtyLi52S
-aETIr4v7SgXMepX7ThQ1Pv/jddsK/u4j2F34u0XktwCP+UrbfkE2mocdXvdzxbmd
-tZSznK2qwgVSsPOs9MhUaepbnjmNBFFBrULhrUtSglM/VX/rWNiyh0aw4XYyHhIt
-9ZNlfEjKjJ67VEMBxBJ/ieUCouRGCxPYD1j65VT7oB3ZiyPu2F2nlUIcYNqPg1Sd
-QBCrdaOXdJ0uLwyTAUeVE+wMbgscLvWsfZcCCJHAvw9NHFMUcnrdWxAYMVETNUOn
-uryVAK7VfOldaz6z3NOSOi6nonNeHpR/sipBa4ik5xCRLT9e0S2QJgRvO9GyfAqz
-3DIzHtxIGePFzTiUYUTxS3i2gnMX2PEe3ChTLlYWD3jNeAKz0iOzpDphIF2xHLLQ
-1tCAqBmq/vUzALyDFFdFuTIqQZys4z/u4Dmyq9uXs421eN3v2hkVHvDy8uT2Ot29
-lg4Q5YezR1EjaW//9guL1BXbcKrTEdtxeNqtem7SpZOMTSwD2lhB8z65GrX90Cyt
-EMmaRSGYEdf5h1afL1SmKOMskbqxe1D2jG/vsXC7XX7xO/ioy0BdiJcYN1JiMOHJ
-EOzFol5I20YkiV6j+cenfQFwc/NkaSxEkR8AUHJSbvUmRQRl6r0nnsFpZdR1w7pv
-wkaT+eOpZynO4mY/ZtF6MpXJsixi6L4ZYXEbS6yHf+XGFfB0okILylmwv2bf6+Mq
-nqXlmGj3Jwq7X9/+2BDqvfpFFX5lSmItKZAobLdssjFR6roJxOqRsGia2aZ+0+U5
-VhgdITtnElgtHBaeZU5rHDswgdeLVBP+rGWnKxpJ+pLtNNi25sPYRcWFL6Erd25u
-eXiY8GEIr+u7rqBWpc9HR34sAPRs3ubbCUleT748keCbx247ImBtiDctZxcc1O86
-+0QjHP6HUT7FSo/FmT7a120S3Gd2jixGh06l/9ij5Z6mJa7Rm7TTbSjup/XISnOT
-MKWcbI1nfVOhCv3xDq2eLae+s0oVoc041ceRazqFM2TL/Z6UXRME</pre>
+<p>Here’s the output of the above program:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">From</span><span class="p">:</span> <span class="n">sender</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+<span class="n">To</span><span class="p">:</span> <span class="n">recipient</span><span class="nd">@example</span><span class="o">.</span><span class="n">dom</span>
+<span class="n">Subject</span><span class="p">:</span> <span class="n">M2Crypto</span> <span class="n">S</span><span class="o">/</span><span class="n">MIME</span> <span class="n">testing</span>
+<span class="n">MIME</span><span class="o">-</span><span class="n">Version</span><span class="p">:</span> <span class="mf">1.0</span>
+<span class="n">Content</span><span class="o">-</span><span class="n">Disposition</span><span class="p">:</span> <span class="n">attachment</span><span class="p">;</span> <span class="n">filename</span><span class="o">=</span><span class="s2">&quot;smime.p7m&quot;</span>
+<span class="n">Content</span><span class="o">-</span><span class="n">Type</span><span class="p">:</span> <span class="n">application</span><span class="o">/</span><span class="n">x</span><span class="o">-</span><span class="n">pkcs7</span><span class="o">-</span><span class="n">mime</span><span class="p">;</span> <span class="n">name</span><span class="o">=</span><span class="s2">&quot;smime.p7m&quot;</span>
+<span class="n">Content</span><span class="o">-</span><span class="n">Transfer</span><span class="o">-</span><span class="n">Encoding</span><span class="p">:</span> <span class="n">base64</span>
+
+<span class="n">MIIIwwYJKoZIhvcNAQcDoIIItDCCCLACAQAxggEAMIH9AgEAMGYwYTELMAkGA1UE</span>
+<span class="n">BhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRvMRkwFwYDVQQDExBTL01JTUUgUmVjaXBp</span>
+<span class="n">ZW50MSQwIgYJKoZIhvcNAQkBFhVyZWNpcGllbnRAZXhhbXBsZS5kb20CAQAwDQYJ</span>
+<span class="n">KoZIhvcNAQEBBQAEgYBlZlGupFphwhsGtIAPvDExN61qisz3oem88xoXkUW0SzoR</span>
+<span class="n">B9zJFFAuQTWzdNJgrKKYikhWjDojaAc</span><span class="o">/</span><span class="n">PFl1K5dYxRgtZLB36ULJD</span><span class="o">/</span><span class="n">v</span><span class="o">/</span><span class="n">yWmxnjz8</span>
+<span class="n">TvtK</span><span class="o">+</span><span class="n">Wbal2P</span><span class="o">/</span><span class="n">MH2pZ4LVERXa</span><span class="o">/</span><span class="n">snTElhCawUlwtiFz</span><span class="o">/</span><span class="n">JvY5CiF</span><span class="o">/</span><span class="n">dcwd</span><span class="o">+</span><span class="n">AwFQq4jCC</span>
+<span class="n">B6UGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIRF525UfwszaAggeA85RmX6AXQMxb</span>
+<span class="n">eBDz</span><span class="o">/</span><span class="n">LJeCgc3RqU1UwIsbKMquIs1S46Ebbm5nP75izPnujOkJ2hv</span><span class="o">+</span><span class="n">LNzqOWADmOl</span>
+<span class="o">+</span><span class="n">CnGEq1qxTyduIgUDA2nBgCL</span><span class="o">/</span><span class="n">gVyVy</span><span class="o">+/</span><span class="n">XC9dtImUUTxtxLgYtB0ujkBNsOaENOlM</span>
+<span class="n">fv4SGM3jkR</span><span class="o">+</span><span class="n">K</span><span class="o">/</span><span class="n">xlYG6HHzZGbfYyNGj2Y7yMZ1rL1m8SnRNmkCysKGTrudeNf6wT9</span>
+<span class="n">J6wO9DzLTioz3ZnVr3LjsSKIb4tIp4ugqNJaLuW7m3FtZ3MAgxN68hBbJs8TZ8tL</span>
+<span class="n">V</span><span class="o">/</span><span class="mi">0</span><span class="n">jwUqS</span><span class="o">+</span><span class="n">grcgZEb9ymfcedxahtDUfHjRkpDpsxZzVVGkSBNcbQu92oByQVnRQ8m</span>
+<span class="n">wrYLp3</span><span class="o">/</span><span class="n">eawM5AvuV7HNpTT5ZR</span><span class="o">+</span><span class="mi">1</span><span class="n">t8luishHN9899IMP2Vyg0Ub67FqFypYmM2cm2</span>
+<span class="n">sjAI4KpfvT00XFNvgLuYwYEKs9syGTO7hiHNQKcF44F5LYv6nTFwmFQB11dAtY9V</span>
+<span class="n">ull4D2CLDx9OvyNyKwdEZB5dyV0r</span><span class="o">/</span><span class="n">uKIdkhST60V2Q9KegpzgFpoZtSKM</span><span class="o">/</span><span class="n">HPYSVH</span>
+<span class="mi">1</span><span class="n">Bc9f3Q</span><span class="o">/</span><span class="n">GqZCvNZZCMx8UvRjQR8dRWDSmPJ0VXG1</span><span class="o">+</span><span class="n">wJ</span><span class="o">+</span><span class="n">fCmSPP3AuQ1</span><span class="o">/</span><span class="n">VsgPRqx2</span>
+<span class="mi">56</span><span class="n">VrpGPpGut40hV8xQFbWIZ2whwWLKPFAHj8B79ZtFUzUrU6Z2rNpvv8inHc</span><span class="o">/+</span><span class="n">S</span><span class="o">/</span>
+<span class="n">b6GR5s8</span><span class="o">/</span><span class="n">gucRblvd7n3OFNX5UJmPmcw9zWbu</span><span class="o">/</span><span class="mi">1</span><span class="n">Dr9DY8l0nAQh21y5FGSS8B1wdE</span>
+<span class="n">oD2M3Lp7JbwjQbRtnDhImqul2S4yu</span><span class="o">+</span><span class="n">m</span><span class="o">+</span><span class="n">wDD1aR2K4k3GAI7KKgOBWT0</span><span class="o">+</span><span class="n">BDClcn8A</span>
+<span class="mi">4</span><span class="n">Ju6</span><span class="o">/</span><span class="n">YUbj33YlMPJgnGijLnolFy0hNW7TmWqR</span><span class="o">+</span><span class="mi">8</span><span class="n">tSI3wO5eNKg4qwBnarqc3vgCV</span>
+<span class="n">quVxINAXyGQCO9lzdw6hudk8</span><span class="o">/+</span><span class="n">BlweGdqhONaIWbK5z1L</span><span class="o">/</span><span class="n">SfQo6LC9MTsj7FJydq</span>
+<span class="n">bc</span><span class="o">+</span><span class="n">kEbfZS8aSq7uc9axW6Ti0eAPJ8EVHtwhSBgZQRweKFBXs6HbbhMIdc4N0M7Oq</span>
+<span class="n">UiFXaF6s4n2uihVP6TqXtHEjTpZoC7pC</span><span class="o">+</span><span class="n">HCYiuKXUJtaqtXBOh</span><span class="o">+</span><span class="n">y3KLvHk09YL6D</span>
+<span class="n">XmTDg</span><span class="o">+</span><span class="n">UTiFsh4jKKm</span><span class="o">/</span><span class="n">BhdelbR5JbpJcj5AId76Mfr8</span><span class="o">+</span><span class="n">F</span><span class="o">/</span><span class="mi">1</span><span class="n">g9ePOvsWHpQr</span><span class="o">/</span><span class="n">oIQTo</span>
+<span class="n">xEkaxCmzEgP0b6caMWfMUQrbVGxBBNcqKc</span><span class="o">/</span><span class="n">ir9fGGOPHATzzq</span><span class="o">/</span><span class="n">xLcQYvK1tZhd</span><span class="o">/</span><span class="n">D</span>
+<span class="n">ah</span><span class="o">/</span><span class="n">gpMPndsyvVCEuFPluWyDiM0VkwHgC2</span><span class="o">/</span><span class="mi">3</span><span class="n">pJIYFHaxK64IutmPsy393rHMEB4kN</span>
+<span class="n">AHau6kWK</span><span class="o">+</span><span class="n">yL9qEVH1pP2zvswQ12P7gjt3T</span><span class="o">/</span><span class="n">G3bGsmvlXkEfztfjkXo6XnjcBNf5y</span>
+<span class="n">G</span><span class="o">+</span><span class="mi">974</span><span class="n">AKLcjnk1gzIgarz</span><span class="o">+</span><span class="n">lAMY57Gkw4oNDMrTqVQ2OJQlvOSbllPXzH</span><span class="o">+</span><span class="n">aAiavB8W</span>
+<span class="n">ZPECLLwHxD4B1AuaiAArgKl935u</span><span class="o">/</span><span class="n">TOB</span><span class="o">+</span><span class="n">yQOR8JgGsUzROyJqHJ</span><span class="o">/</span><span class="n">SC51HkebgCkL1</span>
+<span class="n">aggtjgPlIBEXLZAlhpWLZ9lAQyrQpvCVJYwaOvfMmvRav4NAFNoZ2</span><span class="o">/</span><span class="n">Q7S4Tn1z</span><span class="o">+</span><span class="n">U</span>
+<span class="n">XX</span><span class="o">+</span><span class="n">f</span><span class="o">+</span><span class="n">GD58P4MPMhU5IKnz4yH4nlHnAiTEvcs85TZUAXze9g</span><span class="o">/</span><span class="n">uBOwZITeGtyLi52S</span>
+<span class="n">aETIr4v7SgXMepX7ThQ1Pv</span><span class="o">/</span><span class="n">jddsK</span><span class="o">/</span><span class="n">u4j2F34u0XktwCP</span><span class="o">+</span><span class="n">UrbfkE2mocdXvdzxbmd</span>
+<span class="n">tZSznK2qwgVSsPOs9MhUaepbnjmNBFFBrULhrUtSglM</span><span class="o">/</span><span class="n">VX</span><span class="o">/</span><span class="n">rWNiyh0aw4XYyHhIt</span>
+<span class="mi">9</span><span class="n">ZNlfEjKjJ67VEMBxBJ</span><span class="o">/</span><span class="n">ieUCouRGCxPYD1j65VT7oB3ZiyPu2F2nlUIcYNqPg1Sd</span>
+<span class="n">QBCrdaOXdJ0uLwyTAUeVE</span><span class="o">+</span><span class="n">wMbgscLvWsfZcCCJHAvw9NHFMUcnrdWxAYMVETNUOn</span>
+<span class="n">uryVAK7VfOldaz6z3NOSOi6nonNeHpR</span><span class="o">/</span><span class="n">sipBa4ik5xCRLT9e0S2QJgRvO9GyfAqz</span>
+<span class="mi">3</span><span class="n">DIzHtxIGePFzTiUYUTxS3i2gnMX2PEe3ChTLlYWD3jNeAKz0iOzpDphIF2xHLLQ</span>
+<span class="mi">1</span><span class="n">tCAqBmq</span><span class="o">/</span><span class="n">vUzALyDFFdFuTIqQZys4z</span><span class="o">/</span><span class="n">u4Dmyq9uXs421eN3v2hkVHvDy8uT2Ot29</span>
+<span class="n">lg4Q5YezR1EjaW</span><span class="o">//</span><span class="mi">9</span><span class="n">guL1BXbcKrTEdtxeNqtem7SpZOMTSwD2lhB8z65GrX90Cyt</span>
+<span class="n">EMmaRSGYEdf5h1afL1SmKOMskbqxe1D2jG</span><span class="o">/</span><span class="n">vsXC7XX7xO</span><span class="o">/</span><span class="n">ioy0BdiJcYN1JiMOHJ</span>
+<span class="n">EOzFol5I20YkiV6j</span><span class="o">+</span><span class="n">cenfQFwc</span><span class="o">/</span><span class="n">NkaSxEkR8AUHJSbvUmRQRl6r0nnsFpZdR1w7pv</span>
+<span class="n">wkaT</span><span class="o">+</span><span class="n">eOpZynO4mY</span><span class="o">/</span><span class="n">ZtF6MpXJsixi6L4ZYXEbS6yHf</span><span class="o">+</span><span class="n">XGFfB0okILylmwv2bf6</span><span class="o">+</span><span class="n">Mq</span>
+<span class="n">nqXlmGj3Jwq7X9</span><span class="o">/+</span><span class="mi">2</span><span class="n">BDqvfpFFX5lSmItKZAobLdssjFR6roJxOqRsGia2aZ</span><span class="o">+</span><span class="mi">0</span><span class="o">+</span><span class="n">U5</span>
+<span class="n">VhgdITtnElgtHBaeZU5rHDswgdeLVBP</span><span class="o">+</span><span class="n">rGWnKxpJ</span><span class="o">+</span><span class="n">pLtNNi25sPYRcWFL6Erd25u</span>
+<span class="n">eXiY8GEIr</span><span class="o">+</span><span class="n">u7rqBWpc9HR34sAPRs3ubbCUleT748keCbx247ImBtiDctZxcc1O86</span>
+<span class="o">+</span><span class="mi">0</span><span class="n">QjHP6HUT7FSo</span><span class="o">/</span><span class="n">FmT7a120S3Gd2jixGh06l</span><span class="o">/</span><span class="mi">9</span><span class="n">ij5Z6mJa7Rm7TTbSjup</span><span class="o">/</span><span class="n">XISnOT</span>
+<span class="n">MKWcbI1nfVOhCv3xDq2eLae</span><span class="o">+</span><span class="n">s0oVoc041ceRazqFM2TL</span><span class="o">/</span><span class="n">Z6UXRME</span>
+</pre></div>
</div>
</div>
<div class="section" id="decrypt-and-verify">
<h1>Decrypt and Verify<a class="headerlink" href="#decrypt-and-verify" title="Permalink to this headline">¶</a></h1>
-<p>Suppose the above output has been saved into <tt class="docutils literal"><span class="pre">se.p7</span></tt>. The following
+<p>Suppose the above output has been saved into <code class="docutils literal"><span class="pre">se.p7</span></code>. The following
demonstrates how to decrypt and verify it:</p>
-<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="kn">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="k">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
<span class="c1"># Instantiate an SMIME object.</span>
<span class="n">s</span> <span class="o">=</span> <span class="n">SMIME</span><span class="o">.</span><span class="n">SMIME</span><span class="p">()</span>
@@ -606,23 +609,24 @@ demonstrates how to decrypt and verify it:</p>
<span class="n">p7</span><span class="p">,</span> <span class="n">data</span> <span class="o">=</span> <span class="n">SMIME</span><span class="o">.</span><span class="n">smime_load_pkcs7_bio</span><span class="p">(</span><span class="n">p7_bio</span><span class="p">)</span>
<span class="n">v</span> <span class="o">=</span> <span class="n">s</span><span class="o">.</span><span class="n">verify</span><span class="p">(</span><span class="n">p7</span><span class="p">)</span>
-<span class="k">print</span><span class="p">(</span><span class="n">v</span><span class="p">)</span>
+<span class="nb">print</span><span class="p">(</span><span class="n">v</span><span class="p">)</span>
</pre></div>
</div>
<p>The output is as follows:</p>
-<div class="highlight-python"><pre>a sign of our times</pre>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">a</span> <span class="n">sign</span> <span class="n">of</span> <span class="n">our</span> <span class="n">times</span>
+</pre></div>
</div>
</div>
<div class="section" id="sending-s-mime-messages-via-smtp">
<h1>Sending S/MIME messages via SMTP<a class="headerlink" href="#sending-s-mime-messages-via-smtp" title="Permalink to this headline">¶</a></h1>
-<p>In the above examples, we&#8217;ve assumed that our S/MIME messages are sent
+<p>In the above examples, we’ve assumed that our S/MIME messages are sent
and received automagically. The following is a Python function that
generates S/MIME-signed/encrypted messages and sends them via
SMTP:</p>
-<div class="highlight-python"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="kn">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">M2Crypto</span> <span class="k">import</span> <span class="n">BIO</span><span class="p">,</span> <span class="n">SMIME</span><span class="p">,</span> <span class="n">X509</span>
<span class="kn">import</span> <span class="nn">smtplib</span><span class="o">,</span> <span class="nn">string</span><span class="o">,</span> <span class="nn">sys</span>
-<span class="k">def</span> <span class="nf">sendsmime</span><span class="p">(</span><span class="n">from_addr</span><span class="p">,</span> <span class="n">to_addrs</span><span class="p">,</span> <span class="n">subject</span><span class="p">,</span> <span class="n">msg</span><span class="p">,</span> <span class="n">from_key</span><span class="p">,</span> <span class="n">from_cert</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">to_certs</span><span class="o">=</span><span class="bp">None</span><span class="p">,</span> <span class="n">smtpd</span><span class="o">=</span><span class="s1">&#39;localhost&#39;</span><span class="p">):</span>
+<span class="k">def</span> <span class="nf">sendsmime</span><span class="p">(</span><span class="n">from_addr</span><span class="p">,</span> <span class="n">to_addrs</span><span class="p">,</span> <span class="n">subject</span><span class="p">,</span> <span class="n">msg</span><span class="p">,</span> <span class="n">from_key</span><span class="p">,</span> <span class="n">from_cert</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">to_certs</span><span class="o">=</span><span class="kc">None</span><span class="p">,</span> <span class="n">smtpd</span><span class="o">=</span><span class="s1">&#39;localhost&#39;</span><span class="p">):</span>
<span class="n">msg_bio</span> <span class="o">=</span> <span class="n">BIO</span><span class="o">.</span><span class="n">MemoryBuffer</span><span class="p">(</span><span class="n">msg</span><span class="p">)</span>
<span class="n">sign</span> <span class="o">=</span> <span class="n">from_key</span>
@@ -672,81 +676,83 @@ SMTP:</p>
</div>
<p>This function sends plain, S/MIME-signed, S/MIME-encrypted, and
S/MIME-signed/encrypted messages, depending on the parameters
-<tt class="docutils literal"><span class="pre">from_key</span></tt> and <tt class="docutils literal"><span class="pre">to_certs</span></tt>. The function&#8217;s output interoperates with
+<code class="docutils literal"><span class="pre">from_key</span></code> and <code class="docutils literal"><span class="pre">to_certs</span></code>. The function’s output interoperates with
Netscape Messenger.</p>
</div>
<div class="section" id="verifying-origin-of-s-mime-messages">
<h1>Verifying origin of S/MIME messages<a class="headerlink" href="#verifying-origin-of-s-mime-messages" title="Permalink to this headline">¶</a></h1>
<p>In our examples above that decrypt or verify messages, we skipped a
-step: verifying that the <tt class="docutils literal"><span class="pre">from</span></tt> address of the message matches the
-<tt class="docutils literal"><span class="pre">email</span> <span class="pre">address</span></tt> attribute in the sender&#8217;s certificate.</p>
+step: verifying that the <code class="docutils literal"><span class="pre">from</span></code> address of the message matches the
+<code class="docutils literal"><span class="pre">email</span> <span class="pre">address</span></code> attribute in the sender’s certificate.</p>
<p>The premise of current X.509 certification practice is that the CA is
supposed to verify your identity, and to issue a certificate with
-<tt class="docutils literal"><span class="pre">email</span> <span class="pre">address</span></tt> that matches your actual mail address. (Verisign&#8217;s
+<code class="docutils literal"><span class="pre">email</span> <span class="pre">address</span></code> that matches your actual mail address. (Verisign’s
March 2001 failure in identity verification resulting in Microsoft
certificates being issued to spoofers notwithstanding.)</p>
<p>If you run your own CA, your certification practice is up to you, of
course, and it would probably be part of your security policy.</p>
-<p>Whether your S/MIME messaging application needs to verify the <tt class="docutils literal"><span class="pre">from</span></tt>
+<p>Whether your S/MIME messaging application needs to verify the <code class="docutils literal"><span class="pre">from</span></code>
addresses of S/MIME messages depends on your security policy and your
-system&#8217;s threat model, as always.</p>
+system’s threat model, as always.</p>
</div>
<div class="section" id="interoperating-with-netscape-messenger">
<h1>Interoperating with Netscape Messenger<a class="headerlink" href="#interoperating-with-netscape-messenger" title="Permalink to this headline">¶</a></h1>
<p>Suppose S/MIME Recipient uses Netscape Messenger. To enable Messenger to
handle S/MIME messages from S/MIME Sender, S/MIME Recipient needs to
configure Messenger with his private key and certificate, as well as
-S/MIME Sender&#8217;s certificate.</p>
+S/MIME Sender’s certificate.</p>
<blockquote>
-<div><strong>Note:</strong> Configuring Messenger&#8217;s POP or IMAP settings so that it
+<div><strong>Note:</strong> Configuring Messenger’s POP or IMAP settings so that it
retrieves mail correctly is beyond the scope of this HOWTO.</div></blockquote>
-<p>The following steps demonstrate how to import S/MIME Recipient&#8217;s private
+<p>The following steps demonstrate how to import S/MIME Recipient’s private
key and certificate for Messenger:</p>
<ol class="arabic">
-<li><p class="first">Transform S/MIME Recipient&#8217;s private key and certificate into <em>PKCS
+<li><p class="first">Transform S/MIME Recipient’s private key and certificate into <em>PKCS
#12</em> format:</p>
-<div class="highlight-python"><pre>openssl pkcs12 -export -in recipient.pem -inkey recipient_key.pem \
- -name &quot;S/MIME Recipient&quot; -out recipient.p12
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">openssl</span> <span class="n">pkcs12</span> <span class="o">-</span><span class="n">export</span> <span class="o">-</span><span class="ow">in</span> <span class="n">recipient</span><span class="o">.</span><span class="n">pem</span> <span class="o">-</span><span class="n">inkey</span> <span class="n">recipient_key</span><span class="o">.</span><span class="n">pem</span> \
+ <span class="o">-</span><span class="n">name</span> <span class="s2">&quot;S/MIME Recipient&quot;</span> <span class="o">-</span><span class="n">out</span> <span class="n">recipient</span><span class="o">.</span><span class="n">p12</span>
-Enter Export Password:&lt;enter&gt;
-Verifying password - Enter Export Password:&lt;enter&gt;</pre>
+<span class="n">Enter</span> <span class="n">Export</span> <span class="n">Password</span><span class="p">:</span><span class="o">&lt;</span><span class="n">enter</span><span class="o">&gt;</span>
+<span class="n">Verifying</span> <span class="n">password</span> <span class="o">-</span> <span class="n">Enter</span> <span class="n">Export</span> <span class="n">Password</span><span class="p">:</span><span class="o">&lt;</span><span class="n">enter</span><span class="o">&gt;</span>
+</pre></div>
</div>
</li>
<li><p class="first">Start Messenger.</p>
</li>
-<li><p class="first">Click on the (open) &#8220;lock&#8221; icon at the bottom left corner of
-Messenger&#8217;s window. This brings up the &#8220;Security Info&#8221; dialog box.</p>
+<li><p class="first">Click on the (open) “lock” icon at the bottom left corner of
+Messenger’s window. This brings up the “Security Info” dialog box.</p>
</li>
-<li><p class="first">Click on &#8220;Yours&#8221; under &#8220;Certificates&#8221;.</p>
+<li><p class="first">Click on “Yours” under “Certificates”.</p>
</li>
-<li><p class="first">Select &#8220;Import a certificate&#8221;, then pick <tt class="docutils literal"><span class="pre">recipient.p12</span></tt> from the
+<li><p class="first">Select “Import a certificate”, then pick <code class="docutils literal"><span class="pre">recipient.p12</span></code> from the
ensuing file selection dialog box.</p>
</li>
</ol>
-<p>Next, you need to import <tt class="docutils literal"><span class="pre">signer.pem</span></tt> as a CA certificate, so that
-Messenger will mark messages signed by S/MIME Sender as &#8220;trusted&#8221;:</p>
+<p>Next, you need to import <code class="docutils literal"><span class="pre">signer.pem</span></code> as a CA certificate, so that
+Messenger will mark messages signed by S/MIME Sender as “trusted”:</p>
<ol class="arabic">
-<li><p class="first">Create a DER encoding of <tt class="docutils literal"><span class="pre">signer.pem</span></tt>:</p>
-<div class="highlight-python"><pre>openssl x509 -inform pem -outform der -in signer.pem -out signer.der</pre>
+<li><p class="first">Create a DER encoding of <code class="docutils literal"><span class="pre">signer.pem</span></code>:</p>
+<div class="highlight-default"><div class="highlight"><pre><span></span><span class="n">openssl</span> <span class="n">x509</span> <span class="o">-</span><span class="n">inform</span> <span class="n">pem</span> <span class="o">-</span><span class="n">outform</span> <span class="n">der</span> <span class="o">-</span><span class="ow">in</span> <span class="n">signer</span><span class="o">.</span><span class="n">pem</span> <span class="o">-</span><span class="n">out</span> <span class="n">signer</span><span class="o">.</span><span class="n">der</span>
+</pre></div>
</div>
</li>
-<li><p class="first">Install <tt class="docutils literal"><span class="pre">signer.der</span></tt> into Messenger as MIME type
-<tt class="docutils literal"><span class="pre">application/x-x509-ca-cert</span></tt>. You do this by downloading
-<tt class="docutils literal"><span class="pre">signer.der</span></tt> via Navigator from a HTTP or HTTPS server, with the
-correct MIME type mapping. (You may use <tt class="docutils literal"><span class="pre">demo/ssl/https_srv.py</span></tt>,
+<li><p class="first">Install <code class="docutils literal"><span class="pre">signer.der</span></code> into Messenger as MIME type
+<code class="docutils literal"><span class="pre">application/x-x509-ca-cert</span></code>. You do this by downloading
+<code class="docutils literal"><span class="pre">signer.der</span></code> via Navigator from a HTTP or HTTPS server, with the
+correct MIME type mapping. (You may use <code class="docutils literal"><span class="pre">demo/ssl/https_srv.py</span></code>,
bundled with M2Crypto, for this purpose.) Follow the series of dialog
-boxes to accept <tt class="docutils literal"><span class="pre">signer.der</span></tt> as a CA for certifying email users.</p>
+boxes to accept <code class="docutils literal"><span class="pre">signer.der</span></code> as a CA for certifying email users.</p>
</li>
</ol>
-<p>S/MIME Recipient is now able to decrypt and read S/MIME Sender&#8217;s
-messages with Messenger. Messenger will indicate that S/MIME Sender&#8217;s
+<p>S/MIME Recipient is now able to decrypt and read S/MIME Sender’s
+messages with Messenger. Messenger will indicate that S/MIME Sender’s
messages are signed, encrypted, or encrypted <em>and</em> signed, as the case
-may be, via the &#8220;stamp&#8221; icon on the message window&#8217;s top right corner.</p>
-<p>Clicking on the &#8220;stamp&#8221; icon brings you to the Security Info dialog box.
+may be, via the “stamp” icon on the message window’s top right corner.</p>
+<p>Clicking on the “stamp” icon brings you to the Security Info dialog box.
Messenger informs you that the message is, say, encrypted with 168-bit
DES-EDE3-CBC and that it is digitally signed by the private key
corresponding to the public key contained in the certificate
-<tt class="docutils literal"><span class="pre">signer.pem</span></tt>.</p>
+<code class="docutils literal"><span class="pre">signer.pem</span></code>.</p>
</div>
<div class="section" id="interoperating-with-microsoft-outlook">
<h1>Interoperating with Microsoft Outlook<a class="headerlink" href="#interoperating-with-microsoft-outlook" title="Permalink to this headline">¶</a></h1>
@@ -782,7 +788,7 @@ document.)</p>
</div>
</div>
</div>
- <div class="sphinxsidebar">
+ <div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<h3><a href="index.html">Table Of Contents</a></h3>
<ul>
@@ -804,44 +810,48 @@ document.)</p>
<li><a class="reference internal" href="#zsmime">ZSmime</a></li>
<li><a class="reference internal" href="#resources">Resources</a></li>
</ul>
-
- <h3>This Page</h3>
- <ul class="this-page-menu">
- <li><a href="_sources/howto.smime.txt"
- rel="nofollow">Show Source</a></li>
- </ul>
-<div id="searchbox" style="display: none">
+<div class="relations">
+<h3>Related Topics</h3>
+<ul>
+ <li><a href="index.html">Documentation overview</a><ul>
+ </ul></li>
+</ul>
+</div>
+ <div role="note" aria-label="source link">
+ <h3>This Page</h3>
+ <ul class="this-page-menu">
+ <li><a href="_sources/howto.smime.rst.txt"
+ rel="nofollow">Show Source</a></li>
+ </ul>
+ </div>
+<div id="searchbox" style="display: none" role="search">
<h3>Quick search</h3>
<form class="search" action="search.html" method="get">
- <input type="text" name="q" />
- <input type="submit" value="Go" />
+ <div><input type="text" name="q" /></div>
+ <div><input type="submit" value="Go" /></div>
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
- <p class="searchtip" style="font-size: 90%">
- Enter search terms or a module, class or function name.
- </p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
- <div class="related">
- <h3>Navigation</h3>
- <ul>
- <li class="right" style="margin-right: 10px">
- <a href="genindex.html" title="General Index"
- >index</a></li>
- <li class="right" >
- <a href="py-modindex.html" title="Python Module Index"
- >modules</a> |</li>
- <li><a href="index.html">M2Crypto documentation</a> &raquo;</li>
- </ul>
- </div>
<div class="footer">
- &copy; Copyright 2017, Matej Cepl &lt;mcepl@cepl.eu&gt;.
- Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
+ &copy;2017, Matej Cepl <mcepl@cepl.eu>.
+
+ |
+ Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.4</a>
+ &amp; <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.9</a>
+
+ |
+ <a href="_sources/howto.smime.rst.txt"
+ rel="nofollow">Page source</a>
</div>
+
+
+
+
</body>
</html> \ No newline at end of file
View Lorry Controller Status