zerolib.integrity
- Working with data integrity¶
This module provides functions and classes for signing and verifying data with appropriate abstration.
It defines the following public functions and classes.
Bitcoin key pair¶
-
key_pair
()¶ Generate a public key and a secret key, returning a tuple containing
(publickey, secretkey)
.Return type: (PublicKey, SecretKey)
-
public_digest
(publickey)¶ Convert a public key to its
ripemd160(sha256())
digest, returning the raw 20-byte digest.Return type: bytes
Bitcoin address¶
-
compute_public_address
(publickey)¶ Convert a public key to a public Bitcoin address, returning a Base58Check-encoded string.
Return type: str
-
compute_secret_address
(secretkey)¶ Convert a secret key to a secret Bitcoin address, returning a Base58Check-encoded string.
Return type: str
-
bitcoin_address
()¶ Generate a public address and a secret address, returing a tuple
(public_address, secret_address)
containing two Base58Check-encoded strings.Return type: (str, str)
-
address_public_digest
(address)¶ Convert a public Bitcoin address to its
ripemd160(sha256())
digest, returning the raw 20-byte digest.Return type: bytes
-
decode_secret_key
(address)¶ Convert a secret Bitcoin address to a secret key, returning the secret key as a SecretKey object.
Return type: SecretKey
Digital signature¶
-
recover_public_key
(signature, message)¶ Recover the public key from the signature and the message, returning a PublicKey object. The recovered public key guarantees a correct signature.
Parameters: - signature (bytes) – the raw signature.
- message (bytes) – the message.
Returns: a PublicKey object.
-
sign_data
(secretkey, byte_string)¶ Sign the message
byte_string
withsecretkey
, returing a 65-byte serialized signature as a bytes-like string. The returned signature is compatible with ZeroNet (i.e. in the Electrum format)Parameters: - secretkey (SecretKey) – the secret key.
- byte_string (bytes) – the message.
Returns: a 65-byte binary string.
-
verify_data
(key_digest, electrum_signature, byte_string)¶ Verify if
electrum_signature
is the signature for the messagebyte_string
and is produced with the secret counterpart ofkey_digest
.Parameters: - key_digest (bytes) – the raw
ripemd160(sha256())
digest of the public key. - electrum_signature (bytes) – the raw signature.
- byte_string (bytes) – the message.
Raises: - SignatureError – if it finds the signature forged or otherwise problematic.
- ValueError – if it finds the signature cannot be parsed.
- key_digest (bytes) – the raw
Message digest¶
Note
Unless otherwise noted, algo='sha512'
refers to the SHA-512/256 algorithm.
-
digest_bytes
(data, algo='sha512')¶ Compute the digest of
data
, a bytes-like object, returing a tuple containing(digest, data_length)
. The first element is the raw digest. The second element is the length of the given data.Parameters: - data (bytes) – the data to digest.
- algo (str) – the name of the digest algorithm.
Returns: a two-element tuple.
Return type: (bytes, int)
-
verify_digest_bytes
(data, expect_digest, expect_size = None, algo='sha512')¶ Verify if
data
have the expected digestexpect_digest
and have the expected sizeexpect_size
. Ifexpect_size
is None, then data size will not be checked.Parameters: - data (bytes) – the data to digest.
- expect_digest (bytes) – the expected raw digest.
- expect_size (int or None) – the expected data size.
Raises: DigestError – if the digest or size does not match.
-
digest_stream
(stream, algo='sha512')¶ Compute the digest of stream, a stream-like object, returning a tuple containing
(digest, stream_size)
. The first element is the raw digest. The second element is the length of the given data.Parameters: - stream (BytesIO) – the stream to read data from and digest.
- algo (str) – the name of the digest algorithm.
Returns: a two-element tuple.
Return type: (bytes, int)
-
verify_digest_stream
(stream, expect_digest, expect_size = None, algo='sha512')¶ Verify if the data read from
stream
have the expected digestexpect_digest
and have the expected sizeexpect_size
. Ifexpect_size
is None, then stream size will not be checked.Raises: DigestError – if the digest or size does not match.
-
digest_file
(path, algo='sha512')¶ Compute the data digest of the file located at the given path. The parameter
path
should be a unicode string. Returns a tuple containing(digest, stream_size)
. The first element is the raw digest. The second element is the length of the given data.Parameters: - path (str) – the path to the file to read data from and digest.
- algo (str) – the name of the digest algorithm.
Returns: a two-element tuple.
Return type: (bytes, int)
-
verify_digest_file
(path, expect_digest, expect_size=None, algo='sha512')¶ Verify if the file at
path
has the expected digestexpect_digest
and have the expected sizeexpect_size
. Ifexpect_size
is None, then file size will not be checked.Raises: DigestError – if the digest or size does not match.
Utilities¶
-
dumps
(json_dict, compact=False)¶ Pack the given dictionary to a JSON string, returning a unicode string. Note that the return value is NOT a bytes-like string.
If
compact
is True, the JSON string will be tightly packed. Ifcompact
is False, the keys will be sorted and the JSON object will be pretty-printed.Parameters: - json_dict (dict) – the dictionary to stringify.
- compact (bool) – the formatting option.
Return type: str