integv 1.3.0

A file integrity verifier based on the format of the file.

integv

integv is a file integrity verifier based on the format of the file. It's capable of checking the integrity of multiple types of files without any additional information like Content-Length or checksum. The main goal of integv is to detect file corruption (mostly shortened) during file download caused by network glitch. But integv still can be used for many other purposes as well.

Installation

pip install integv

Why integv

Sometimes when you download some media files using requests, a network glitch happens and your file downloaded is corrupted. If there's a Content-Length header, you can compare it to the downloaded file size. But the worst thing is most of the time, media files are served using HTTP chunked transfer encoding, and there's no Content-Length header. So you don't know if the download file is good or not. And that's the time integv comes to help, just feed the downloaded file to integv and it can verify the integrity of the file with zero other information like Content-Length. All integv needs are the type of the file.

integv has many advantages.

1. integv is light, integv is written in pure python with 0 dependencies. Which makes integv portable and easy to integrate into your project.

2. integv is fast, integv does not try to decode the file, it just checks all the key points in the file, so integv is much faster than other solutions that try to decode the file.

Here's a comparison of verifying a 70 MB mp4 file using integv and FFmpeg. integv only takes about 60 microseconds, FFmpeg takes about 10 seconds.

python3 -m timeit "import integv;integv.FileIntegrityVerifier().verify('../test.mp4')"
5000 loops, best of 5: 61.4 usec per loop

python3 -m timeit "import subprocess;subprocess.run('ffmpeg -v error -i ../test.mp4 -f null -', shell=True)"
1 loop, best of 5: 11.2 sec per loop

Quick Start

import integv

# load a test mp4 file
file_path = "./test/sample/video/sample.mp4"
with open(file_path, "rb") as f:
   file = f.read()

# verify using the file and file_type
# file_type can be a simple filename extension like "mp4" or "jpg"
# or you can provide a full MIME type like "video/mp4" or "image/jpeg"
integv.verify(file, file_type="mp4") # True

# a corrupted file (in this case, shortened by one byte) will not pass the verification
integv.verify(file[:-1], file_type="mp4") # False

# the file input for the verifier can be bytes or a binary file like object
integv.verify(open(file_path, "rb"), file_type="mp4") # True

# it can also be a string representing a file path
# if the file path contains a proper filename extension, the file_type is not needed.
integv.verify(file_path) # True

Supported types

Video

• mp4: video/mp4
• mkv: video/x-matroska
• webm: video/webm
• avi: video/vnd.avi
• flv*: video/x-flv

* not f4v. Basically, f4v is just mp4 with a different name. For f4v files, use mp4 integrity verifier.

Image

• jpeg: image/jpeg
• png: image/png
• gif: image/gif
• webp image/webp

Audio

• wav: audio/x-wav
• ogg: audio/ogg

Limitation of integv

The integv verifier only checks the file by the format information embedded in file like file size in header, chunk size in chunk header, end of file markers, etc. It does not try to decode the file which makes integv fast and simple. But that also means the possibility of false negative (corrupted files can't be detected). The baseline of all integv file integrity verifiers must be extremely sensitive to shortened files, which is very common in file downloaded from the network. Some types of files like png contain checksum inside, which is less error-prone. By all means, do not use integv for any kind of security verification. As a bad file which passes the verification can be simply forged.

Effectiveness of integv on different types of corruption

Types of corruption:

• Small Deletion at the End of the file. (SDE)

A few bytes of data were deleted at the end of the file. The length of the file is reduced.

Original file:  ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ
Corrupted file: ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXY

• Large Deletion at the End of the file. (LDE)

A large chunk of data was deleted at the end of the file. The length of the file is reduced.

Original file:  ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ
Corrupted file: ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNO

• Small Substitution at the End of the file. (SSE)

A few bytes of data were substituted at the end of file. The length of the file remains the same.

Original file:  ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ
Corrupted file: ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYA

• Large Substitution at the End of the file. (LSE)

A large chunk of data was substituted at the end of file. The length of the file remains the same.

Original file:  ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ
Corrupted file: ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNAAAAAAAAAAAA

• Small Deletion at a Random position of the file. (SDR)

A few bytes of data were deleted at a random position of the file. The length of the file is reduced.

Original file:  ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ
Corrupted file: ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLNOPQRSTUVWXYZ
                                                      ^

• Large Deletion at a Random position of the file. (LDR)

A large chunk of data was deleted at a random position of the file. The length of the file is reduced.

Original file:  ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ
Corrupted file: ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLYZ
                                                      ^

• Small Substitution at a Random position of the file. (SSR)

A few bytes of data were substituted at a random position of the file. The length of the file remains the same.

Original file:  ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ
Corrupted file: ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLANOPQRSTUVWXYZ
                                                      ^

• Large Substitution at a Random position of the file. (LSR)

A large chunk of data wass substituted at a random position of the file. The length of the file remains the same.

Original file:  ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ
Corrupted file: ABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLAAAAAAAAAAWXYZ
                                                      ^

Effectiveness Table

From my personal experience, the most common types of corruption happen during file downloading using requests or similar things are SDE and LDE.

	SDE	LDE	SSE	LSE	SDR	LDR	SSR	LSR
mp4	:smiley:	:smiley:	:frowning:	:smiley:	:smiley:	:smiley:	:frowning:	:smiley:
mkv	:smiley:	:smiley:	:frowning:	:smiley:	:smiley:	:smiley:	:frowning:	:smiley:
webm	:smiley:	:smiley:	:frowning:	:smiley:	:smiley:	:smiley:	:frowning:	:smiley:
avi	:smiley:	:smiley:	:frowning:	:frowning:	:smiley:	:smiley:	:frowning:	:frowning:
flv	:smiley:	:smiley:	:smiley:	:smiley:	:smiley:	:smiley:	:frowning:	:smiley:
jpeg	:smiley:	:smiley:	:smiley:	:smiley:	:frowning:	:frowning:	:frowning:	:frowning:
png	:smiley:	:smiley:	:smiley:	:smiley:	:smiley:	:smiley:	:smiley:	:smiley:
gif	:smiley:	:smiley:	:smiley:	:smiley:	:frowning:	:frowning:	:frowning:	:frowning:
webp	:smiley:	:smiley:	:frowning:	:frowning:	:smiley:	:smiley:	:frowning:	:frowning:
wav	:smiley:	:smiley:	:frowning:	:frowning:	:smiley:	:smiley:	:frowning:	:frowning:
ogg	:smiley:	:smiley:	:frowning:	:smiley:	:smiley:	:smiley:	:frowning:	:smiley:
ogg(slow)	:smiley:	:smiley:	:smiley:	:smiley:	:smiley:	:smiley:	:smiley:	:smiley:

Advanced Usage

Using a FileIntegrityVerifier object

You can use a FileIntegrityVerifier object to verify your file just like integv.verify.

from integv import FileIntegrityVerifier

verifier = FileIntegrityVerifier()
verifier.verify("./test/sample/video/sample.mp4") # True

Specialized File Integrity Verifier

There are some specialized file integrity verifier for different types of files. You can find them in integv.video, integv.image and integv.audio. They are used exactly like the FileIntegrityVerifier except file_type are not needed.

from integv.video import MP4IntegrityVerifier

verifier = MP4IntegrityVerifier()
verifier.verify("./test/sample/video/sample.mp4") # True

Optional slow argument in verifier initialization

A boolean argument slow can be provided in verifier initialization. It will enable some sophisticated verification to eliminate false negatives. And that will consume more time. The default value of slow is False. For now, only one verifier, OGGIntegrityVerifier has a slow method of verification.

from integv import FileIntegrityVerifier

verifier = FileIntegrityVerifier()
slow_verifier = FileIntegrityVerifier(slow=True)

file_path = "./test/sample/audio/sample.ogg"
verifier.verify(file_path) # True
slow_verifier.verify(file_path) # also True, but slower