Skip to main content

Python wrapper for libksi, a library for accessing Guardtime KSI service

Project description

This is a thin wrapper on top of KSI C SDK. Experimental, non-supported code.

Synopsis

Example of synchronous singing and verification.

import ksi
import hashlib

# Instantiate service parameters from the environment
KSI = ksi.KSI(**ksi.ksi_env())

# Sign a text string
sig = KSI.sign_hash(hashlib.sha256(b"Tere!"))
# Print some signature properties
print(sig.get_signing_time(), sig.get_signer_id())

# Now verify this text string, first obtaining a data hasher
h = sig.get_hasher()
h.update(b"Tere!")
print(KSI.verify_hash(sig, h))

# Obtain a binary blob which can be stored for long term
serialized_signature = sig.get_binary()

# Some time have passed, fetch the signature and verify again
sig2 = KSI.new_signature_object(serialized_signature)
print(KSI.verify_hash(sig2, h))

Note that asynchronous signing can provide a significant speedup when multiple signatures are requested. Example of asynchronous singing with gevent.

import ksi
import hashlib
from gevent.pool import Pool

# Instantiate service parameters from the environment
KSI = ksi.KSI(**ksi.ksi_env())

# Multiple strings to be signed
string_list = ["This", "is", "a", "list", "of", "strings"]

# Define a signer function.
def sign_hash(h):
  sig = KSI.sign_hash(h)
  # Verification and/or storing could be done here
  print(KSI.verify_hash(sig, h))

# Create a gevent pool. Note that for optimal efficiency
# pool size should not be smaller than
# ``KSI.get_async_config()['max_pending_count']``
pool = Pool(100)

# Sign all strings asynchronously
for string in string_list:
  pool.spawn(sign_hash, hashlib.sha256(string.encode()))
pool.join()

Client-side aggregation (signing in blocks) is also possible if the KSI Gateway allows it. This means that multiple hashes can be individually signed by a single request to the Gateway server. In addition, if block signing is allowed, the asynchronous signing service will by default dynamically sign in blocks depending on if the signing requests demand becomes too large to efficiently sign them one-by-one. Example of signing a block of hashes synchronously (asynchronous block signing is supported as well).

import ksi
import hashlib

# Instantiate service parameters from the environment
KSI = ksi.KSI(**ksi.ksi_env())

# Multiple strings to be signed
string_list = ["This", "is", "a", "list", "of", "strings"]

# Hashes of strings
hash_list = [hashlib.sha256(string.encode()) for string in string_list]

# Sign hashes in a block
sigs = KSI.sign_hash_list(hash_list)

# Verify hashes
for i in range(len(sigs)):
    print(KSI.verify_hash(sigs[i], hash_list[i]))

Install

  1. Requirements: Python 2.7+ or Python 3.1+. Jython, IronPython are not supported.

  2. Install fresh libksi aka KSI C SDK; see https://github.com/guardtime/libksi/

  3. Install python-devel package

  4. Run:

    > pip install ksi-python

or

> easy_install ksi-python

Tests

Specify KSI Gateway access parameters and run

> python setup.py test

To test if KSI Python SDK signs asynchronously with gevent, make sure gevent is installed.

Documentation

http://guardtime.github.io/ksi-python/

Type:

> pydoc ksi

to read the documentation after installation. Generating html or pdf documentation: make sure that dependencies like sphinx (pip install sphinx) are installed, extension is built (python setup.py build) and run:

> cd docs
> make html
or
> make latexpdf

License

Apache 2.0. Please contact Guardtime for supported options.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ksi-python-1.0.0.tar.gz (22.8 kB view details)

Uploaded Source

File details

Details for the file ksi-python-1.0.0.tar.gz.

File metadata

  • Download URL: ksi-python-1.0.0.tar.gz
  • Upload date:
  • Size: 22.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.12.1 pkginfo/1.4.2 requests/2.19.1 setuptools/39.2.0 requests-toolbelt/0.8.0 tqdm/4.26.0 CPython/3.7.0

File hashes

Hashes for ksi-python-1.0.0.tar.gz
Algorithm Hash digest
SHA256 69645d3711616a86d20d57655ce655bee5389102f96f5dff927c635bffdd8357
MD5 7ccd0de4f32d3f36c678a6c89a953757
BLAKE2b-256 758985e4802ce4ef5467b6001b240147dc8c1b25e300036de1c30f0daeb54be2

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page