Swarmauri signing facade plugin that aggregates registered SigningBase providers.
Project description
MediaSigner
MediaSigner packages the asynchronous Signer facade that orchestrates registered
SigningBase providers. Moving the facade into a standalone plugin keeps the
core standards library lightweight while still enabling drop-in discovery of
specialised signers such as CMS, JWS, OpenPGP, PDF, and XMLDSig providers.
Features
- Unified signing façade – talk to every installed
SigningBasethrough a single async API that automatically discovers entry-point contributions. - Format-aware routing – delegates signing and verification to the provider
registered for a format token such as
jws,pdf, orxmld. - Optional plugin bundles – install curated extras (e.g.
[plugins]) to bring in all available signer backends in one step. - Key-provider integration – share Swarmauri key providers with the facade so opaque key references resolve before signature creation.
- Production-ready CLI – inspect capabilities, sign payloads, and verify results directly from the command line for fast automation.
Installation
Using uv
uv add MediaSigner
# install every optional backend
uv add "MediaSigner[plugins]"
The [plugins] extra pulls in CMS, JWS, OpenPGP, PDF, and XMLDSig signers.
Using pip
pip install MediaSigner
# with every optional backend
pip install "MediaSigner[plugins]"
Usage
import asyncio
from MediaSigner import MediaSigner
from swarmauri_core.key_providers.IKeyProvider import IKeyProvider
# Optionally pass a key provider so plugins receive a shared source for
# retrieving signing material.
key_provider: IKeyProvider | None = None
signer = MediaSigner(key_provider=key_provider)
async def sign_payload(payload: bytes) -> None:
signatures = await signer.sign_bytes("jws", key="my-key", payload=payload)
assert signatures, "At least one signature should be returned"
print(signer.supports("jws"))
asyncio.run(sign_payload(b"payload"))
Integrating a key provider
Any Swarmauri key provider can be shared with the facade so backends receive ready-to-use key material:
import asyncio
from MediaSigner import MediaSigner
from swarmauri_keyprovider_inmemory import InMemoryKeyProvider
provider = InMemoryKeyProvider(keys={"local://demo": b"secret"})
signer = MediaSigner(key_provider=provider)
async def main() -> None:
signatures = await signer.sign_bytes(
"jws",
key="local://demo",
payload=b"demo",
alg="HS256",
opts={"kid": "demo"},
)
print(signatures[0].mode)
asyncio.run(main())
Discover installed plugins
Use the facade to list installed signers and inspect their capabilities:
for format_name in signer.supported_formats():
capabilities = signer.supports(format_name)
print(format_name, list(capabilities))
Why this structure?
- Separation of concerns – standards remain focused on common abstractions while the plugin encapsulates optional dependencies.
- Explicit opt-in – downstream projects can install only the signing stacks they need via the curated extras.
- Consistent ergonomics – usage matches the historical
swarmauri_standard.signing.Signerimport, preserving existing tutorials and code samples.
Command line utility
MediaSigner ships a small CLI for quick inspection and automation:
media-signer list # List available formats
media-signer supports jws # Show capability metadata
media-signer sign-bytes jws \
--alg HS256 \
--key key.json \
--input payload.bin \
--output signatures.json
media-signer verify-bytes jws \
--input payload.bin \
--sigs signatures.json \
--opts verify-keys.json
The CLI expects JSON files describing KeyRef objects and verification
materials matching the selected plugin.
Project Resources
- Source: https://github.com/swarmauri/swarmauri-sdk/tree/main/pkgs/plugins/media_signer
- Documentation: https://github.com/swarmauri/swarmauri-sdk/tree/main/pkgs/plugins/media_signer#readme
- Issues: https://github.com/swarmauri/swarmauri-sdk/issues
- Releases: https://github.com/swarmauri/swarmauri-sdk/releases
- Discussions: https://github.com/orgs/swarmauri/discussions
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
mediasigner-0.6.5.dev19.tar.gz
(10.5 kB
view details)
File details
Details for the file mediasigner-0.6.5.dev19.tar.gz.
File metadata
- Download URL: mediasigner-0.6.5.dev19.tar.gz
- Upload date:
- Size: 10.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.10.12 {"installer":{"name":"uv","version":"0.10.12","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
83221f03ff504a874cab6bcc031823739299fcf7adaaf12c0888be4633ae32d3
|
|
| MD5 |
967c64cf7fd58e8e394bba5296027373
|
|
| BLAKE2b-256 |
a22e2bc049ba24b226b455ee5f9735234494688eb49d56efdb9112f211a11cd2
|
