Sign JSON objects with ED25519 signatures
Switch branches/tags
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
signedjson
tests
.gitignore
.travis.yml
LICENSE
MANIFEST.in
README.rst
requirements.txt
setup.py
tox.ini

README.rst

Signed JSON

Latest Version

Signs JSON objects with ED25519 signatures.

Features

  • More than one entity can sign the same object.
  • Each entity can sign the object with more than one key making it easier to rotate keys
  • ED25519 can be replaced with a different algorithm.
  • Unprotected data can be added to the object under the "unsigned" key.

Installing

pip install signedjson

Using

from signedjson.key import generate_signing_key, get_verify_key
from signedjson.sign import (
    sign_json, verify_signed_json, SignatureVerifyException
)

signing_key = generate_signing_key('zxcvb')
signed_json = sign_json({'my_key': 'my_data'}, 'Alice', signing_key)

verify_key = get_verify_key(signing_key)

try:
    verify_signed_json(signed_json, 'Alice', verify_key)
    print 'Signature is valid'
except SignatureVerifyException:
    print 'Signature is invalid'

Format

{
    "<protected_name>": "<protected_value>",
    "signatures": {
        "<entity_name>": {
            "ed25519:<key_id>": "<unpadded_base64_signature>"
        }
    },
    "unsigned": {
        "<unprotected_name>": "<unprotected_value>",
    }
}