| commit | 9f7eadfe3b0d7218a35d2665ac7b80beadb2670e | [log] [tgz] |
|---|---|---|
| author | Russ Housley <[email protected]> | Mon May 04 15:20:04 2020 -0400 |
| committer | GitHub <[email protected]> | Mon May 04 15:20:04 2020 -0400 |
| tree | 57e2aa4bf41639de33370b7622dd376125f5e43a | |
| parent | c07e0bab006a477352184d2a97af910c9a632399 [diff] |
Update setup.py
This Python package contains a free and open source implementation of HSS/LMS Hash-based Digital Signatures as defined in RFC 8554.
Generate a HSS/LMS private key:
priv_key = pyhsslms.HssLmsPrivateKey.genkey('mykey', levels=2)
The private key is stored in mykey.prv, and the public key is stored in mykey.pub. Of course, the mykey.prv must be protected from disclosure, and it gets updated every time a signature is created. Restoring mykey.prv from backup can cause a node in the tree to be used more that once, forfeiting all security.
Sign a file with a HSS/LMS private key:
priv_key.signFile('myfile.txt')
The private key was generated above is used to sign the content of myfile.txt, and the signature is stored in myfile.txt.sig.
Sign a buffer with a HSS/LMS private key:
sigbuf = prv_key.sign(buffer)
The private key was generated above is used to sign the content of buffer, and the signature is returned in sigbuf.
Verify a signature on a file with a HSS/LMS public key:
pub_key = pyhsslms.HssLmsPublicKey('mykey') if pub_key.verifyFile('myfile.txt'): print('Signature is valid') else: print('Signature is NOT valid!')
Verify a signature on a buffer with a HSS/LMS public key:
pub_key = pyhsslms.HssLmsPublicKey('mykey') validity = pub_key.verify(buffer, sigbuf) if validity: print('Signature is valid') else: print('Signature is NOT valid!')
The pyhsslms package is distributed under terms and conditions of license.
Source code is freely available as a GitHub repo.
You could pip install pyhsslms or download it from PyPI.
Copyright (c) 2020, Vigil Security, LLC All rights reserved.