Validator for SignedShot media authenticity proofs

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for felippemsc2 from gravatar.com felippemsc2

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Tags signedshot , media , authenticity , validation , cryptography
  • Requires: Python >=3.8
Classifiers
Report project as malware

Project description

SignedShot

Verify SignedShot media authenticity proofs in Python.

PyPI

Installation

pip install signedshot

Quick Start

import signedshot

# Validate from files
result = signedshot.validate_files("photo.sidecar.json", "photo.jpg")

print(result.valid)   # True if all checks pass
print(result.error)   # Error message if validation failed

Usage

Validate from Files

result = signedshot.validate_files("photo.sidecar.json", "photo.jpg")

Validate from Bytes

with open("photo.sidecar.json") as f:
    sidecar_json = f.read()
with open("photo.jpg", "rb") as f:
    media_bytes = f.read()

result = signedshot.validate(sidecar_json, media_bytes)

Validate with Pre-loaded JWKS

Avoid HTTP calls by providing JWKS directly:

import requests

jwks = requests.get("https://api.signedshot.io/.well-known/jwks.json").text
result = signedshot.validate_with_jwks(sidecar_json, media_bytes, jwks)

Validation Result

result = signedshot.validate_files("photo.sidecar.json", "photo.jpg")

# Overall result
result.valid      # True/False
result.version    # Sidecar format version
result.error      # Error message (if any)

# Capture trust (JWT verification)
trust = result.capture_trust
trust["signature_valid"]   # JWT signature verified
trust["issuer"]            # API that issued the token
trust["publisher_id"]      # Publisher ID
trust["device_id"]         # Device ID
trust["capture_id"]        # Capture session ID
trust["method"]            # "sandbox", "app_check", or "app_attest"
trust["app_id"]            # App bundle ID (if attested)
trust["issued_at"]         # Unix timestamp

# Media integrity (content verification)
integrity = result.media_integrity
integrity["content_hash_valid"]   # SHA-256 hash matches
integrity["signature_valid"]      # ECDSA signature verified
integrity["capture_id_match"]     # Capture IDs match
integrity["content_hash"]         # SHA-256 of media
integrity["captured_at"]          # ISO8601 timestamp

# Export
result.to_dict()   # Convert to dictionary
result.to_json()   # Convert to JSON string

What It Validates

  1. Capture Trust (JWT)

    • Fetches JWKS from issuer
    • Verifies ES256 signature
    • Extracts attestation claims

  2. Media Integrity

    • Computes SHA-256 of media
    • Verifies ECDSA signature
    • Confirms capture_id matches

Links

License

MIT

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for felippemsc2 from gravatar.com felippemsc2

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Tags signedshot , media , authenticity , validation , cryptography
  • Requires: Python >=3.8
Classifiers

Release history Release notifications | RSS feed

This version

0.1.9

0.1.8

0.1.7

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

signedshot-0.1.9.tar.gz (36.5 kB view details)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

signedshot-0.1.9-cp312-cp312-win_amd64.whl (2.2 MB view details)

Uploaded CPython 3.12Windows x86-64

signedshot-0.1.9-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (2.6 MB view details)

Uploaded CPython 3.12manylinux: glibc 2.17+ x86-64

signedshot-0.1.9-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (2.6 MB view details)

Uploaded CPython 3.12manylinux: glibc 2.17+ ARM64

signedshot-0.1.9-cp312-cp312-macosx_11_0_arm64.whl (2.3 MB view details)

Uploaded CPython 3.12macOS 11.0+ ARM64

signedshot-0.1.9-cp312-cp312-macosx_10_12_x86_64.whl (2.4 MB view details)

Uploaded CPython 3.12macOS 10.12+ x86-64

File details

Details for the file signedshot-0.1.9.tar.gz.

File metadata

  • Download URL: signedshot-0.1.9.tar.gz
  • Upload date:
  • Size: 36.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for signedshot-0.1.9.tar.gz
Algorithm Hash digest
SHA256 6b1e601d8e49dfc2c4ab2da34f952f255f519359f05ddddd8123b39c573360ae
MD5 3325a73db07db77021e65167f9aca357
BLAKE2b-256 77a3094b204221984bbb8b70f7ae55f3ab560ed43ddaf6636b4772e55b3a45fa

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.9.tar.gz:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file signedshot-0.1.9-cp312-cp312-win_amd64.whl.

File metadata

  • Download URL: signedshot-0.1.9-cp312-cp312-win_amd64.whl
  • Upload date:
  • Size: 2.2 MB
  • Tags: CPython 3.12, Windows x86-64
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for signedshot-0.1.9-cp312-cp312-win_amd64.whl
Algorithm Hash digest
SHA256 a4d14a2b7cc51d38751ab58ce0c071dc07d9b6da70cace08396881122aa18fd6
MD5 8fb42074c7619fa3dec9c58a8e0a6e3b
BLAKE2b-256 5056be757ba9ced73e845f5244559d8cbd4867466e520e1eb7e2372d3ca377da

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.9-cp312-cp312-win_amd64.whl:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file signedshot-0.1.9-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl.

File metadata

File hashes

Hashes for signedshot-0.1.9-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
Algorithm Hash digest
SHA256 8c2937f1a115a20d4fcbbdd258a14564581f006bdc62c8ab184424e9e727eeff
MD5 7df0c1ffc7fbef1fd30fb700588aceb9
BLAKE2b-256 09df26e15ffe6ff55668db082f02c66af644aa26cba535b6cacbcd2ec3014602

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.9-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file signedshot-0.1.9-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl.

File metadata

File hashes

Hashes for signedshot-0.1.9-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
Algorithm Hash digest
SHA256 efcfcdaa353d44c119f33a1229c3960c0ca4ac1d3e11256160d7dd5b651d35b2
MD5 b5e17225ba4b2d47313c206a54a74a2a
BLAKE2b-256 209fdc068349c229540a46e061c3e3a9b5a27a3a6d96cf7834ae8c5725630d83

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.9-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file signedshot-0.1.9-cp312-cp312-macosx_11_0_arm64.whl.

File metadata

File hashes

Hashes for signedshot-0.1.9-cp312-cp312-macosx_11_0_arm64.whl
Algorithm Hash digest
SHA256 f843a142d6b3f0a9d571fae32aed531bb30a65dbe7e2401fda4179062de5826b
MD5 6493e9ebd55bc2d8c6d96c02cba60123
BLAKE2b-256 c334fff8079d1093c1022bd7b0f72fb6a024c69f128cc1a6e97d0449a63e0b51

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.9-cp312-cp312-macosx_11_0_arm64.whl:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file signedshot-0.1.9-cp312-cp312-macosx_10_12_x86_64.whl.

File metadata

File hashes

Hashes for signedshot-0.1.9-cp312-cp312-macosx_10_12_x86_64.whl
Algorithm Hash digest
SHA256 a43200ae6540b0450698e8b1b1bf3ac7831d4cadb0081f4d65694171f0e60598
MD5 02cb226bec1349d502fa655d293c5219
BLAKE2b-256 1c1f0c482ab259797cc68db6e1d8f1a6283bd261750ec903e7eee89d07082537

See more details on using hashes here.

Provenance

The following attestation bundles were made for signedshot-0.1.9-cp312-cp312-macosx_10_12_x86_64.whl:

Publisher: release.yml on SignedShot/signedshot-validator

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page