`zerolib.integrity` - Working with data integrity¶

This module provides functions and classes for signing and verifying data with appropriate abstration.

It defines the following public functions and classes.

Bitcoin key pair¶

key_pair()¶

Generate a public key and a secret key, returning a tuple containing (publickey, secretkey).

Return type:	(PublicKey, SecretKey)

public_digest(publickey)¶

Convert a public key to its ripemd160(sha256()) digest, returning the raw 20-byte digest.

Return type:	bytes

Bitcoin address¶

compute_public_address(publickey)¶

Convert a public key to a public Bitcoin address, returning a Base58Check-encoded string.

Return type:	str

compute_secret_address(secretkey)¶

Convert a secret key to a secret Bitcoin address, returning a Base58Check-encoded string.

Return type:	str

bitcoin_address()¶

Generate a public address and a secret address, returing a tuple (public_address, secret_address) containing two Base58Check-encoded strings.

Return type:	(str, str)

address_public_digest(address)¶

Convert a public Bitcoin address to its ripemd160(sha256()) digest, returning the raw 20-byte digest.

Return type:	bytes

decode_secret_key(address)¶

Convert a secret Bitcoin address to a secret key, returning the secret key as a SecretKey object.

Return type:	SecretKey

Digital signature¶

recover_public_key(signature, message)¶

Recover the public key from the signature and the message, returning a PublicKey object. The recovered public key guarantees a correct signature.

Parameters:	signature (bytes) – the raw signature. message (bytes) – the message.
Returns:	a PublicKey object.

sign_data(secretkey, byte_string)¶

Sign the message byte_string with secretkey, returing a 65-byte serialized signature as a bytes-like string. The returned signature is compatible with ZeroNet (i.e. in the Electrum format)

Parameters:	secretkey (SecretKey) – the secret key. byte_string (bytes) – the message.
Returns:	a 65-byte binary string.

verify_data(key_digest, electrum_signature, byte_string)¶

Verify if electrum_signature is the signature for the message byte_string and is produced with the secret counterpart of key_digest.

Parameters:	key_digest (bytes) – the raw `ripemd160(sha256())` digest of the public key. electrum_signature (bytes) – the raw signature. byte_string (bytes) – the message.
Raises:	SignatureError – if it finds the signature forged or otherwise problematic. ValueError – if it finds the signature cannot be parsed.

Message digest¶

Note

Unless otherwise noted, algo='sha512' refers to the SHA-512/256 algorithm.

digest_bytes(data, algo='sha512')¶

Compute the digest of data, a bytes-like object, returing a tuple containing (digest, data_length). The first element is the raw digest. The second element is the length of the given data.

Parameters:	data (bytes) – the data to digest. algo (str) – the name of the digest algorithm.
Returns:	a two-element tuple.
Return type:	(bytes, int)

verify_digest_bytes(data, expect_digest, expect_size = None, algo='sha512')¶

Verify if data have the expected digest expect_digest and have the expected size expect_size. If expect_size is None, then data size will not be checked.

Parameters:	data (bytes) – the data to digest. expect_digest (bytes) – the expected raw digest. expect_size (int or None) – the expected data size.
Raises:	DigestError – if the digest or size does not match.

digest_stream(stream, algo='sha512')¶

Compute the digest of stream, a stream-like object, returning a tuple containing (digest, stream_size). The first element is the raw digest. The second element is the length of the given data.

Parameters:	stream (BytesIO) – the stream to read data from and digest. algo (str) – the name of the digest algorithm.
Returns:	a two-element tuple.
Return type:	(bytes, int)

verify_digest_stream(stream, expect_digest, expect_size = None, algo='sha512')¶

Verify if the data read from stream have the expected digest expect_digest and have the expected size expect_size. If expect_size is None, then stream size will not be checked.

Raises:	DigestError – if the digest or size does not match.

digest_file(path, algo='sha512')¶

Compute the data digest of the file located at the given path. The parameter path should be a unicode string. Returns a tuple containing (digest, stream_size). The first element is the raw digest. The second element is the length of the given data.

Parameters:	path (str) – the path to the file to read data from and digest. algo (str) – the name of the digest algorithm.
Returns:	a two-element tuple.
Return type:	(bytes, int)

verify_digest_file(path, expect_digest, expect_size=None, algo='sha512')¶

Verify if the file at path has the expected digest expect_digest and have the expected size expect_size. If expect_size is None, then file size will not be checked.

Raises:	DigestError – if the digest or size does not match.

Utilities¶

dumps(json_dict, compact=False)¶

Pack the given dictionary to a JSON string, returning a unicode string. Note that the return value is NOT a bytes-like string.

If compact is True, the JSON string will be tightly packed. If compact is False, the keys will be sorted and the JSON object will be pretty-printed.

Parameters:	json_dict (dict) – the dictionary to stringify. compact (bool) – the formatting option.
Return type:	str

Exceptions¶

class SignatureError(ValueError)¶

class DigestError(ValueError)¶

zerolib.integrity - Working with data integrity¶