Skip to main content

Sign JSON with Ed25519 signatures

Project description

Latest Version https://img.shields.io/travis/matrix-org/python-signedjson.svg

Signs JSON objects with ED25519 signatures.

Features

  • More than one entity can sign the same object.

  • Each entity can sign the object with more than one key making it easier to rotate keys

  • ED25519 can be replaced with a different algorithm.

  • Unprotected data can be added to the object under the "unsigned" key.

Installing

pip install signedjson

Using

from signedjson.key import generate_signing_key, get_verify_key
from signedjson.sign import (
    sign_json, verify_signed_json, SignatureVerifyException
)

signing_key = generate_signing_key('zxcvb')
signed_json = sign_json({'my_key': 'my_data'}, 'Alice', signing_key)

verify_key = get_verify_key(signing_key)

try:
    verify_signed_json(signed_json, 'Alice', verify_key)
    print 'Signature is valid'
except SignatureVerifyException:
    print 'Signature is invalid'

Format

{
    "<protected_name>": "<protected_value>",
    "signatures": {
        "<entity_name>": {
            "ed25519:<key_id>": "<unpadded_base64_signature>"
        }
    },
    "unsigned": {
        "<unprotected_name>": "<unprotected_value>",
    }
}

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

signedjson-1.1.4.tar.gz (13.6 kB view hashes)

Uploaded source

Built Distribution

signedjson-1.1.4-py3-none-any.whl (10.7 kB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page