Package for signing and verifying pickle files
Project description
pylotte
Secure Pickle Serialization with RSA Signatures
pylotte is a lightweight Python utility that allows you to securely serialize Python objects with RSA digital signatures. It ensures the integrity and authenticity of your data by cryptographically signing serialized files and verifying them before loading.
✨ Features
- 🔐 Sign serialized files using an RSA private key
- ✅ Verify signatures with the corresponding public key
- 🛡️ Prevents tampering and ensures data authenticity
- 📦 Simple and minimal interface
- 🔄 Support for both
pickleanddillserialization
📦 Installation
Install directly from PyPI:
# Basic installation with pickle support
pip install pylotte
# With dill support for advanced serialization
pip install pylotte[dill]
🛠 Usage
Basic Usage with Pickle
from pylotte.signed_pickle import SignedPickle
# Initialize with RSA key paths
signer = SignedPickle(public_key_path="public.pem", private_key_path="private.pem")
# Data to serialize
data = {"user": "alice", "role": "admin"}
# Securely dump and sign the pickle file
signer.dump_and_sign(data, "data.pkl", "data.sig")
# Load and verify the signed pickle file
loader = SignedPickle(public_key_path="public.pem")
data_loaded = loader.safe_load("data.pkl", "data.sig")
Advanced Usage with Dill
from pylotte.signed_pickle import SignedPickle
# Initialize with dill serializer
signer = SignedPickle(
public_key_path="public.pem",
private_key_path="private.pem",
serializer="dill" # Use dill instead of pickle
)
# Complex data with lambda functions
data = {
"name": "bob",
"process": lambda x: x * 2,
"nested": {
"func": lambda y: y + 1
}
}
# Save and sign
signer.dump_and_sign(data, "data.pkl", "data.sig")
# Load and verify
loader = SignedPickle(public_key_path="public.pem", serializer="dill")
data_loaded = loader.safe_load("data.pkl", "data.sig")
# Use the loaded lambda functions
result = data_loaded["process"](5) # Returns 10
🔐 How It Works
-
dump_and_sign():- Serializes your data (using pickle or dill) and saves it to a file.
- Signs the file contents using an RSA private key.
- Stores the signature in a separate
.sigfile.
-
safe_load():- Reads the serialized file and its signature.
- Verifies the signature using the RSA public key.
- If valid, loads and returns the original data.
🔧 Requirements
- Python 3.9+
cryptographydill(optional, for advanced serialization)
📄 License
This project is licensed under the MIT License.
🌐 Links
- 📚 Documentation: GitHub Repository
- 🐛 Issue Tracker: Report Bugs
- 📦 PyPI: pylotte on PyPI
👤 Author
Developed by Alpamayo Solutions
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file pylotte-0.2.tar.gz.
File metadata
- Download URL: pylotte-0.2.tar.gz
- Upload date:
- Size: 10.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.11.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
bd2dd7206304c83a9fcf9248026c67a5fb44a666ddd5f6541904d986db72e0c9
|
|
| MD5 |
dbc61a678aa5928be9e6b0f531817e60
|
|
| BLAKE2b-256 |
182b9878e147bfa7300d12305de3eed308968d1c741283f7f4f8f14c066daa86
|
File details
Details for the file pylotte-0.2-py3-none-any.whl.
File metadata
- Download URL: pylotte-0.2-py3-none-any.whl
- Upload date:
- Size: 4.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.11.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
6a47e301c90f1617fe695203e4414c51220407f30495f976ba33e61ab9b71ec6
|
|
| MD5 |
651641deb1e6c5e869bfd81cda5d737e
|
|
| BLAKE2b-256 |
7a5378213ee569f6f1dedf3f60bd7dbcc22270c5be49aecb76ae6a299189487c
|
