apsig.proof
apsig.proof provide signer and verifier implementation of FEP-8b32: Object Integrity Proofs.
ProofSigner
A class for signing documents using the Ed25519 signature algorithm, implementing Object Integrity Proofs as specified in FEP-8b32.
This class provides methods to generate keys, sign data, canonicalize documents, and create integrity proofs.
Attributes:
| Name | Type | Description |
|---|---|---|
|
|
The Ed25519 private key used for signing. |
|
|
The corresponding Ed25519 public key. |
Methods:
| Name | Description |
|---|---|
|
dict, options: dict) -> dict: Creates a proof for the unsecured document using the specified options. |
|
dict, options: dict) -> dict: Signs the unsecured document by creating a proof and returning the signed document. |
create_proof(unsecured_document, options)
Creates a proof for the unsecured document using the specified options.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
unsecured_document
|
|
The document for which the proof is created. |
required |
options
|
|
Options that define how the proof is structured. |
required |
Returns:
| Name | Type | Description |
|---|---|---|
dict |
The proof object containing the proof value and other relevant information. |
sign(unsecured_document, options)
Signs the unsecured document by creating a proof and returning the signed document.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
unsecured_document
|
|
The document to be signed. |
required |
options
|
|
Options that define the signing process. |
required |
Returns:
| Name | Type | Description |
|---|---|---|
dict |
The signed document, including the proof. |
ProofVerifier
A class for verifying documents signed using the Ed25519 signature algorithm, implementing Object Integrity Proofs as specified in FEP-8b32.
Attributes:
| Name | Type | Description |
|---|---|---|
|
|
The Ed25519 public key used for verification. |
Methods:
| Name | Description |
|---|---|
|
dict) -> dict: Verifies the proof contained in the secured document. |
|
dict) -> dict: An alias for the verify_proof method. |
__init__(public_key)
Initializes the ProofVerifier with a public key.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
public_key
|
|
The Ed25519 public key as an object or a multibase-encoded string. |
required |
Raises:
| Type | Description |
|---|---|
|
If the provided public key is not of type Ed25519. |
verify(secured_document, raise_on_fail=False)
An alias for the verify_proof method.
This method calls verify_proof to perform the actual verification of the proof contained in the secured document.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
secured_document
|
|
The document containing the proof to be verified. |
required |
Returns:
| Name | Type | Description |
|---|---|---|
dict |
|
The result of the proof verification. |
verify_proof(secured_document, raise_on_fail=False)
Verifies the proof contained in the secured document.
This method checks the integrity and authenticity of the secured document by validating the associated proof. It verifies the signature against the hash of the transformed document and the canonical proof configuration.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
secured_document
|
|
The document containing the proof to be verified. |
required |
raise_on_fail
|
|
Return error on failure. defaults to False. |
False
|
Returns:
| Name | Type | Description |
|---|---|---|
dict |
|
A dictionary containing:
- bool: |
Raises:
| Type | Description |
|---|---|
|
If the proof is not found in the document. |