Validator for SignedShot media authenticity proofs

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for felippemsc2 from gravatar.com felippemsc2

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Tags signedshot , media , authenticity , validation , cryptography
  • Requires: Python >=3.8
Classifiers
Report project as malware

Project description

SignedShot

Verify SignedShot media authenticity proofs in Python.

PyPI

Installation

pip install signedshot

Quick Start

import signedshot

# Validate from files
result = signedshot.validate_files("photo.sidecar.json", "photo.jpg")

print(result.valid)   # True if all checks pass
print(result.error)   # Error message if validation failed

Usage

Validate from Files

result = signedshot.validate_files("photo.sidecar.json", "photo.jpg")

Validate from Bytes

with open("photo.sidecar.json") as f:
    sidecar_json = f.read()
with open("photo.jpg", "rb") as f:
    media_bytes = f.read()

result = signedshot.validate(sidecar_json, media_bytes)

Validate with Pre-loaded JWKS

Avoid HTTP calls by providing JWKS directly:

import requests

jwks = requests.get("https://api.signedshot.io/.well-known/jwks.json").text
result = signedshot.validate_with_jwks(sidecar_json, media_bytes, jwks)

Validation Result

result = signedshot.validate_files("photo.sidecar.json", "photo.jpg")

# Overall result
result.valid      # True/False
result.version    # Sidecar format version
result.error      # Error message (if any)

# Capture trust (JWT verification)
trust = result.capture_trust
trust["signature_valid"]   # JWT signature verified
trust["issuer"]            # API that issued the token
trust["publisher_id"]      # Publisher ID
trust["device_id"]         # Device ID
trust["capture_id"]        # Capture session ID
trust["method"]            # "sandbox", "app_check", or "app_attest"
trust["app_id"]            # App bundle ID (if attested)
trust["issued_at"]         # Unix timestamp

# Media integrity (content verification)
integrity = result.media_integrity
integrity["content_hash_valid"]   # SHA-256 hash matches
integrity["signature_valid"]      # ECDSA signature verified
integrity["capture_id_match"]     # Capture IDs match
integrity["content_hash"]         # SHA-256 of media
integrity["captured_at"]          # ISO8601 timestamp

# Export
result.to_dict()   # Convert to dictionary
result.to_json()   # Convert to JSON string

What It Validates

  1. Capture Trust (JWT)

    • Fetches JWKS from issuer
    • Verifies ES256 signature
    • Extracts attestation claims

  2. Media Integrity

    • Computes SHA-256 of media
    • Verifies ECDSA signature
    • Confirms capture_id matches

Links

License

MIT

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for felippemsc2 from gravatar.com felippemsc2

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Tags signedshot , media , authenticity , validation , cryptography
  • Requires: Python >=3.8
Classifiers

Release history Release notifications | RSS feed

0.1.9

0.1.8

0.1.7

This version

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

signedshot-0.1.5.tar.gz (30.9 kB view details)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

signedshot-0.1.5-cp312-cp312-win_amd64.whl (1.8 MB view details)

Uploaded CPython 3.12Windows x86-64

signedshot-0.1.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (2.2 MB view details)

Uploaded CPython 3.12manylinux: glibc 2.17+ x86-64

signedshot-0.1.5-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (2.2 MB view details)

Uploaded CPython 3.12manylinux: glibc 2.17+ ARM64

signedshot-0.1.5-cp312-cp312-macosx_11_0_arm64.whl (1.9 MB view details)

Uploaded CPython 3.12macOS 11.0+ ARM64

signedshot-0.1.5-cp312-cp312-macosx_10_12_x86_64.whl (2.0 MB view details)

Uploaded CPython 3.12macOS 10.12+ x86-64

File details

Details for the file signedshot-0.1.5.tar.gz.

File metadata

  • Download URL: signedshot-0.1.5.tar.gz
  • Upload date:
  • Size: 30.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for signedshot-0.1.5.tar.gz
Algorithm Hash digest
SHA256 93967f0f9501a1ce4b1cf48c08f85a158253d892653cdde5175e7e62670f95a3
MD5 e4d443bc08a7ec2e3c311b8b5184ea91
BLAKE2b-256 4c3b7fd844a532f012f2eccc9f6cce37b23131cd7f3181010df69e245b0190f0

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.5.tar.gz:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file signedshot-0.1.5-cp312-cp312-win_amd64.whl.

File metadata

  • Download URL: signedshot-0.1.5-cp312-cp312-win_amd64.whl
  • Upload date:
  • Size: 1.8 MB
  • Tags: CPython 3.12, Windows x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for signedshot-0.1.5-cp312-cp312-win_amd64.whl
Algorithm Hash digest
SHA256 9e7f13cc1e3f8de6db816e7fea560b1e32fdb20fedd7b457581788fc9d1c86f8
MD5 4820b3bfa7f8914aaf40f9710bbe38ea
BLAKE2b-256 5f0d1b6b9b871e1491673abe0f654b144e139a4c6fdb8e4b1eab288a759bd61b

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.5-cp312-cp312-win_amd64.whl:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file signedshot-0.1.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.

File metadata

File hashes

Hashes for signedshot-0.1.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm Hash digest
SHA256 3f4397073bf05ac0599d995e14455add3aafecc74e64f7e30fef010c7ed7cf01
MD5 4f913876b3c7c588d5b01c80f45ee48b
BLAKE2b-256 a1aecebe729a2fa0b0a4c62693880921dc3ecc3bc40fc00555e159af55bd5247

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.5-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file signedshot-0.1.5-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl.

File metadata

File hashes

Hashes for signedshot-0.1.5-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
Algorithm Hash digest
SHA256 9917493f0fe43df2a06bf31fbe864108afa325e42abb50049bd899c2647b4e1f
MD5 dca6752972e375a2bd10b923c4dc6cc9
BLAKE2b-256 90e9de7d911219718a5df4bbf855280ac42f9a97795558fc428f83a6a32fc719

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.5-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file signedshot-0.1.5-cp312-cp312-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for signedshot-0.1.5-cp312-cp312-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 59cd332d7c371962d3485c1d8b968864238327d67f3bf4c0be7ebcbcf7ef9582
MD5 6d1ec98fff68569f6aa049888c77d78b
BLAKE2b-256 984feb5036a4932d19b19af0cd00f7cfac0045bfe1633e64558bb4a8b4d824c4

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.5-cp312-cp312-macosx_11_0_arm64.whl:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file signedshot-0.1.5-cp312-cp312-macosx_10_12_x86_64.whl.

File metadata

File hashes

Hashes for signedshot-0.1.5-cp312-cp312-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 0f6cd82a3512edff0137469979f727547af6fabca3c95af370c1894d85f61880
MD5 75c83fdffadf513bf43ea55b052e9f1d
BLAKE2b-256 39ffabbbc5383859b555693dcba6f3444315957fef8d1c83468c9f3b4c9dc133

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.5-cp312-cp312-macosx_10_12_x86_64.whl:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page