Skip to main content

Object signing and signature verification module

Project description

Signethic

signethic logo

A Python module to easily and quickly cryptographically sign a "thing". The "thing" in question can be anything like a string, or any binary sequence. The binary sequence could be the output of a serializer, pickling, shelving, compiled code, encoder, compression or pretty much anything else. The digital signature based on Public-Key Cryptography Standards (PKCS) prevents tampering.

Note that this is not doing any encryption, only signing. This protects the "thing" from manipulation, but not from reading. Your overall cybersecurity strategy should also cover encryption at rest, encryption in flight and least privileges, along with all the other best practices in this area.

Installation

From source

python setup.py install

From pypi

pip install signethic

Quickstart

Signing a "thing" and saving to a binary file that will contain the digital signature (PKCS) and the "thing". In this case, a string:

from signetic import sign_and_persist


thing = "the result of our campaign #12345 resulted in sales of $54321.00"

signature = sign_and_persist(thing, path="result.signed")

Verifying a file that has been signed, returning the "thing" if the signature is verified:

from signetic import verify_file

public_key = 

thing = verify_file("result.signed", public_key)

Command Line

After installing signethic, a command line is available. With no argument, it will generate a private and public key, create a string, sign it, verify it, save a binary file with the signature and string and verify that file. (see main() for the details of the steps).

Calling signethic with a filename will generate a new file with the .signed extension that includes the signature and the file. It will be signed using the key signing_key.pem in the current directory, by default. To specify a different signing key, use an environment variable:

export SIGNING_KEY=/path/to/key.pem

Requirements

This version uses pycryptodome to provide the pycrypto package. Version is unfrozen, so you can preinstall whichever version of pycryptodome you have validated, and signethic will use that.

For example, to use latest pycryptodome from conda-forge:

conda install -c conda-forge pycryptodome

If you prefer to use the original pycrypto, install version 0.2 (pip install signethic==0.2)

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

signethic-0.3.1.tar.gz (5.2 kB view details)

Uploaded Source

Built Distribution

signethic-0.3.1-py3-none-any.whl (5.6 kB view details)

Uploaded Python 3

File details

Details for the file signethic-0.3.1.tar.gz.

File metadata

  • Download URL: signethic-0.3.1.tar.gz
  • Upload date:
  • Size: 5.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.8.2 requests/2.25.1 setuptools/52.0.0.post20210125 requests-toolbelt/0.9.1 tqdm/4.59.0 CPython/3.8.5

File hashes

Hashes for signethic-0.3.1.tar.gz
Algorithm Hash digest
SHA256 5f6aa96e176747aea6e858f1c90ca9df84b7dad383857817e3a88bdb7a7f9044
MD5 41226b5f5893aa5b98ac02b2d5a27a50
BLAKE2b-256 cb871977b2160825f8cc84a253aa08e8a51f9d381a7e354e8b366cbba6388421

See more details on using hashes here.

File details

Details for the file signethic-0.3.1-py3-none-any.whl.

File metadata

  • Download URL: signethic-0.3.1-py3-none-any.whl
  • Upload date:
  • Size: 5.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.11.0 pkginfo/1.8.2 requests/2.25.1 setuptools/52.0.0.post20210125 requests-toolbelt/0.9.1 tqdm/4.59.0 CPython/3.8.5

File hashes

Hashes for signethic-0.3.1-py3-none-any.whl
Algorithm Hash digest
SHA256 d5d5388f2058e418dbcacba6e9d1c057edb58a6b894d06bd1abc13768f941837
MD5 4604565f9e262cc270ffef1b04783ca0
BLAKE2b-256 a517c0c04177998540bb257387308f2fc1fd5336b60ceb59ca32e9acaf4ca95a

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page