Python wrapper for libksi, a library for accessing Guardtime KSI service
Project description
This is a thin wrapper on top of KSI C SDK. Experimental, non-supported code.
Synopsis
Example of synchronous singing and verification.
import ksi import hashlib # Instantiate service parameters from the environment KSI = ksi.KSI(**ksi.ksi_env()) # Sign a text string sig = KSI.sign_hash(hashlib.sha256(b"Tere!")) # Print some signature properties print(sig.get_signing_time(), sig.get_signer_id()) # Now verify this text string, first obtaining a data hasher h = sig.get_hasher() h.update(b"Tere!") print(KSI.verify_hash(sig, h)) # Obtain a binary blob which can be stored for long term serialized_signature = sig.get_binary() # Some time have passed, fetch the signature and verify again sig2 = KSI.new_signature_object(serialized_signature) print(KSI.verify_hash(sig2, h))
Note that asynchronous signing can provide a significant speedup when multiple signatures are requested. Example of asynchronous singing with gevent.
import ksi import hashlib from gevent.pool import Pool # Instantiate service parameters from the environment KSI = ksi.KSI(**ksi.ksi_env()) # Multiple strings to be signed string_list = ["This", "is", "a", "list", "of", "strings"] # Define a signer function. def sign_hash(h): sig = KSI.sign_hash(h) # Verification and/or storing could be done here print(KSI.verify_hash(sig, h)) # Create a gevent pool. Note that for optimal efficiency # pool size should not be smaller than # ``KSI.get_async_config()['max_pending_count']`` pool = Pool(100) # Sign all strings asynchronously for string in string_list: pool.spawn(sign_hash, hashlib.sha256(string.encode())) pool.join()
Client-side aggregation (signing in blocks) is also possible if the KSI Gateway allows it. This means that multiple hashes can be individually signed by a single request to the Gateway server. In addition, if block signing is allowed, the asynchronous signing service will by default dynamically sign in blocks depending on if the signing requests demand becomes too large to efficiently sign them one-by-one. Example of signing a block of hashes synchronously (asynchronous block signing is supported as well).
import ksi import hashlib # Instantiate service parameters from the environment KSI = ksi.KSI(**ksi.ksi_env()) # Multiple strings to be signed string_list = ["This", "is", "a", "list", "of", "strings"] # Hashes of strings hash_list = [hashlib.sha256(string.encode()) for string in string_list] # Sign hashes in a block sigs = KSI.sign_hash_list(hash_list) # Verify hashes for i in range(len(sigs)): print(KSI.verify_hash(sigs[i], hash_list[i]))
Install
Requirements: Python 2.7+ or Python 3.1+. Jython, IronPython are not supported.
Install fresh libksi aka KSI C SDK; see https://github.com/guardtime/libksi/
Install python-devel package
Run:
> pip install ksi-python
or
> easy_install ksi-python
Tests
Specify KSI Gateway access parameters and run
> python setup.py test
To test if KSI Python SDK signs asynchronously with gevent, make sure gevent is installed.
Documentation
http://guardtime.github.io/ksi-python/
Type:
> pydoc ksi
to read the documentation after installation. Generating html or pdf documentation: make sure that dependencies like sphinx (pip install sphinx) are installed, extension is built (python setup.py build) and run:
> cd docs > make html or > make latexpdf
License
Apache 2.0. Please contact Guardtime for supported options.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
| Filename, size | File type | Python version | Upload date | Hashes |
|---|---|---|---|---|
| Filename, size ksi-python-1.0.0.tar.gz (22.8 kB) | File type Source | Python version None | Upload date | Hashes View |