Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-signedjson for
openSUSE:Factory checked in at 2022-06-09 14:10:28
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-signedjson (Old)
and /work/SRC/openSUSE:Factory/.python-signedjson.new.1548 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-signedjson"
Thu Jun 9 14:10:28 2022 rev:6 rq:981337 version:1.1.4
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-signedjson/python-signedjson.changes
2020-08-17 14:40:21.106581559 +0200
+++
/work/SRC/openSUSE:Factory/.python-signedjson.new.1548/python-signedjson.changes
2022-06-09 14:10:34.692430337 +0200
@@ -1,0 +2,23 @@
+Wed Jun 8 11:08:12 UTC 2022 - Marcus Rueckert <[email protected]>
+
+- reenable testsuite
+
+-------------------------------------------------------------------
+Tue Jun 7 16:15:18 UTC 2022 - Marcus Rueckert <[email protected]>
+
+- Update to version 1.1.4
+ - Bugfixes
+ - Fix a bug introduced in signedjson 1.1.3 where signedjson
+ could not be imported due to an MRO resolution error. (#22)
+ - Do not require importlib_metadata on Python 3.8 and above. By
+ @MeggyCal. (#9)
+ - Internal Changes
+ - Configure @matrix-org/synapse-core to be the code owner for
+ the repository. (#11)
+ - Use assertEqual for Python 3.11. By @hugovk. (#17)
+ - Run linters (flake8, mypy, black, isort). (#20)
+ - Mark the package as containing type hints. (#20)
+- drop no-importlib-on-py38.patch:
+ included in update
+
+-------------------------------------------------------------------
Old:
----
no-importlib-on-py38.patch
signedjson-1.1.1.tar.gz
New:
----
signedjson-1.1.4.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-signedjson.spec ++++++
--- /var/tmp/diff_new_pack.97wjfU/_old 2022-06-09 14:10:36.008432102 +0200
+++ /var/tmp/diff_new_pack.97wjfU/_new 2022-06-09 14:10:36.012432107 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package python-signedjson
+# spec file
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,14 +20,13 @@
%global modname signedjson
%bcond_without python2
Name: python-%{modname}
-Version: 1.1.1
+Version: 1.1.4
Release: 0
Summary: Python module to sign JSON with Ed25519 signatures
License: Apache-2.0
Group: Development/Languages/Python
URL: https://github.com/matrix-org/%{name}
Source0:
https://files.pythonhosted.org/packages/source/s/signedjson/%{modname}-%{version}.tar.gz
-Patch0: no-importlib-on-py38.patch
BuildRequires: %{python_module setuptools_scm}
BuildRequires: fdupes
BuildRequires: python-rpm-macros
@@ -64,7 +63,6 @@
%prep
%setup -q -n %{modname}-%{version}
-%patch0 -p1
%build
%python_build
++++++ signedjson-1.1.1.tar.gz -> signedjson-1.1.4.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/.flake8 new/signedjson-1.1.4/.flake8
--- old/signedjson-1.1.1/.flake8 1970-01-01 01:00:00.000000000 +0100
+++ new/signedjson-1.1.4/.flake8 2022-03-08 19:01:34.000000000 +0100
@@ -0,0 +1,14 @@
+# Ideally this would be in pyproject.toml, but that's not possible right now.
See
+# https://github.com/PyCQA/flake8/issues/234
+#
https://github.com/johnthagen/python-blueprint/issues/29#issuecomment-1003437646
+[flake8]
+# see https://pycodestyle.readthedocs.io/en/latest/intro.html#error-codes
+# and https://flake8.pycqa.org/en/latest/user/error-codes.html
+# for error codes. The ones we ignore are:
+# W503: line break before binary operator
+# W504: line break after binary operator
+# E203: whitespace before ':' (which is contrary to pep8?)
+# E731: do not assign a lambda expression, use a def
+# E501: Line too long (black enforces this for us)
+ignore=W503,W504,E203,E731,E501
+exclude=dist,.venv
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/.github/CODEOWNERS
new/signedjson-1.1.4/.github/CODEOWNERS
--- old/signedjson-1.1.1/.github/CODEOWNERS 1970-01-01 01:00:00.000000000
+0100
+++ new/signedjson-1.1.4/.github/CODEOWNERS 2022-01-24 15:10:18.000000000
+0100
@@ -0,0 +1,2 @@
+# Automatically request reviews from the synapse-core team when a pull request
comes in.
+* @matrix-org/synapse-core
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/CHANGELOG.md
new/signedjson-1.1.4/CHANGELOG.md
--- old/signedjson-1.1.1/CHANGELOG.md 2020-03-27 20:43:57.000000000 +0100
+++ new/signedjson-1.1.4/CHANGELOG.md 2022-03-29 18:28:42.000000000 +0200
@@ -1,3 +1,40 @@
+Signedjson 1.1.4 (2022-03-29)
+=============================
+
+Bugfixes
+--------
+
+- Fix a bug introduced in signedjson 1.1.3 where `signedjson` could not be
imported due to an MRO resolution error.
([\#22](https://github.com/matrix-org/python-signedjson/issues/22))
+
+
+Signedjson 1.1.3 (2022-03-29)
+=============================
+
+
+Internal Changes
+----------------
+
+- Mark the `SigningKey` and `VerifyKey` types as `SupportsBytes`.
([\#21](https://github.com/matrix-org/python-signedjson/issues/21))
+
+
+Signedjson 1.1.2 (2022-03-29)
+=============================
+
+Bugfixes
+--------
+
+- Do not require `importlib_metadata` on Python 3.8 and above. By @MeggyCal.
([\#9](https://github.com/matrix-org/python-signedjson/issues/9))
+
+
+Internal Changes
+----------------
+
+- Configure @matrix-org/synapse-core to be the code owner for the repository.
([\#11](https://github.com/matrix-org/python-signedjson/issues/11))
+- Use `assertEqual` for Python 3.11. By @hugovk.
([\#17](https://github.com/matrix-org/python-signedjson/pull/17))
+- Run linters (flake8, mypy, black, isort).
([\#20](https://github.com/matrix-org/python-signedjson/pull/20))
+- Mark the package as containing type hints.
([\#20](https://github.com/matrix-org/python-signedjson/pull/20))
+
+
Signedjson 1.1.1 (2020-03-27)
=============================
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/PKG-INFO
new/signedjson-1.1.4/PKG-INFO
--- old/signedjson-1.1.1/PKG-INFO 2020-03-27 20:48:21.000000000 +0100
+++ new/signedjson-1.1.4/PKG-INFO 2022-03-29 18:29:42.332502100 +0200
@@ -1,82 +1,83 @@
-Metadata-Version: 1.0
+Metadata-Version: 2.1
Name: signedjson
-Version: 1.1.1
+Version: 1.1.4
Summary: Sign JSON with Ed25519 signatures
-Home-page: UNKNOWN
-Author: UNKNOWN
-Author-email: UNKNOWN
License: UNKNOWN
-Description: Signed JSON
- ===========
-
- .. image:: https://img.shields.io/pypi/v/signedjson.svg
- :target: https://pypi.python.org/pypi/signedjson/
- :alt: Latest Version
-
- .. image::
https://img.shields.io/travis/matrix-org/python-signedjson.svg
- :target: https://travis-ci.org/matrix-org/python-signedjson
-
-
- Signs JSON objects with ED25519 signatures.
-
-
- Features
- --------
-
- * More than one entity can sign the same object.
- * Each entity can sign the object with more than one key making it
easier to
- rotate keys
- * ED25519 can be replaced with a different algorithm.
- * Unprotected data can be added to the object under the ``"unsigned"``
key.
-
-
- Installing
- ----------
-
- .. code:: bash
-
- pip install signedjson
-
- Using
- -----
-
- .. code:: python
-
- from signedjson.key import generate_signing_key, get_verify_key
- from signedjson.sign import (
- sign_json, verify_signed_json, SignatureVerifyException
- )
-
- signing_key = generate_signing_key('zxcvb')
- signed_json = sign_json({'my_key': 'my_data'}, 'Alice',
signing_key)
-
- verify_key = get_verify_key(signing_key)
-
- try:
- verify_signed_json(signed_json, 'Alice', verify_key)
- print 'Signature is valid'
- except SignatureVerifyException:
- print 'Signature is invalid'
-
- Format
- ------
-
- .. code:: json
-
- {
- "<protected_name>": "<protected_value>",
- "signatures": {
- "<entity_name>": {
- "ed25519:<key_id>": "<unpadded_base64_signature>"
- }
- },
- "unsigned": {
- "<unprotected_name>": "<unprotected_value>",
- }
- }
-
-
-
-
Keywords: json
Platform: UNKNOWN
+Provides-Extra: dev
+License-File: LICENSE
+
+Signed JSON
+===========
+
+.. image:: https://img.shields.io/pypi/v/signedjson.svg
+ :target: https://pypi.python.org/pypi/signedjson/
+ :alt: Latest Version
+
+.. image:: https://img.shields.io/travis/matrix-org/python-signedjson.svg
+ :target: https://travis-ci.org/matrix-org/python-signedjson
+
+
+Signs JSON objects with ED25519 signatures.
+
+
+Features
+--------
+
+* More than one entity can sign the same object.
+* Each entity can sign the object with more than one key making it easier to
+ rotate keys
+* ED25519 can be replaced with a different algorithm.
+* Unprotected data can be added to the object under the ``"unsigned"`` key.
+
+
+Installing
+----------
+
+.. code:: bash
+
+ pip install signedjson
+
+Using
+-----
+
+.. code:: python
+
+ from signedjson.key import generate_signing_key, get_verify_key
+ from signedjson.sign import (
+ sign_json, verify_signed_json, SignatureVerifyException
+ )
+
+ signing_key = generate_signing_key('zxcvb')
+ signed_json = sign_json({'my_key': 'my_data'}, 'Alice', signing_key)
+
+ verify_key = get_verify_key(signing_key)
+
+ try:
+ verify_signed_json(signed_json, 'Alice', verify_key)
+ print 'Signature is valid'
+ except SignatureVerifyException:
+ print 'Signature is invalid'
+
+Format
+------
+
+.. code:: json
+
+ {
+ "<protected_name>": "<protected_value>",
+ "signatures": {
+ "<entity_name>": {
+ "ed25519:<key_id>": "<unpadded_base64_signature>"
+ }
+ },
+ "unsigned": {
+ "<unprotected_name>": "<unprotected_value>",
+ }
+ }
+
+
+
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/RELEASING.md
new/signedjson-1.1.4/RELEASING.md
--- old/signedjson-1.1.1/RELEASING.md 1970-01-01 01:00:00.000000000 +0100
+++ new/signedjson-1.1.4/RELEASING.md 2022-03-29 15:10:56.000000000 +0200
@@ -0,0 +1,34 @@
+1. Set a variable to the version number for convenience:
+ ```sh
+ ver=x.y.z
+ ```
+1. Update the changelog:
+ ```sh
+ towncrier --version=$ver
+ # On newer towncriers: towncrier build --version=$ver
+ ```
+1. Push your changes:
+ ```sh
+ git add -u && git commit -m $ver && git push
+ ```
+1. Sanity-check the
+
[changelog](https://github.com/matrix-org/python-signedjson/blob/master/CHANGELOG.md)
+ and update if need be.
+1. Create a signed tag for the relese:
+ ```sh
+ git tag -s v$ver
+ ```
+ Base the tag message on the changelog.
+1. Push the tag:
+ ```sh
+ git push origin tag v$ver
+ ```
+1. Build and upload to PyPI:
+ ```sh
+ python setup.py sdist
+ twine upload dist/python-signedjson-$ver.tar.gz
+ ```
+1. Create release on GH project page:
+ ```sh
+ xdg-open https://github.com/matrix-org/python-signedjson/releases/edit/v$ver
+ ```
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/pyproject.toml
new/signedjson-1.1.4/pyproject.toml
--- old/signedjson-1.1.1/pyproject.toml 2020-03-27 20:42:41.000000000 +0100
+++ new/signedjson-1.1.4/pyproject.toml 2022-03-08 19:01:34.000000000 +0100
@@ -33,3 +33,21 @@
directory = "misc"
name = "Internal Changes"
showcontent = true
+
+[tool.isort]
+line_length = 88
+multi_line_output = 3
+include_trailing_comma = true
+combine_as_imports = true
+known_first_party = ["signedjson", "tests"]
+
+[tool.black]
+# Placeholder for now.
+
+[tool.mypy]
+files = ["signedjson", "tests"]
+show_error_codes = true
+
+[[tool.mypy.overrides]]
+module = ["canonicaljson"]
+ignore_missing_imports = true
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/setup.py
new/signedjson-1.1.4/setup.py
--- old/signedjson-1.1.1/setup.py 2020-03-27 20:41:34.000000000 +0100
+++ new/signedjson-1.1.4/setup.py 2022-03-08 19:01:34.000000000 +0100
@@ -14,9 +14,10 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-from setuptools import setup
-from codecs import open
import os
+from codecs import open
+
+from setuptools import setup
here = os.path.abspath(os.path.dirname(__file__))
@@ -39,10 +40,16 @@
"canonicaljson>=1.0.0",
"unpaddedbase64>=1.0.1",
"pynacl>=0.3.0",
- "typing_extensions>=3.5",
+ 'typing_extensions>=3.5;python_version<"3.8"',
'typing>=3.5;python_version<"3.5"',
- "importlib_metadata",
+ 'importlib_metadata;python_version<"3.8"',
],
+ extras_require={
+ "dev": ["typing_extensions>=3.5"],
+ },
long_description=read_file(("README.rst",)),
keywords="json",
+ package_data={
+ "signedjson": ["py.typed"]
+ }
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/signedjson/__init__.py
new/signedjson-1.1.4/signedjson/__init__.py
--- old/signedjson-1.1.1/signedjson/__init__.py 2020-03-27 20:41:34.000000000
+0100
+++ new/signedjson-1.1.4/signedjson/__init__.py 2022-03-29 16:07:33.000000000
+0200
@@ -12,7 +12,13 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-from importlib_metadata import version, PackageNotFoundError
+try:
+ from importlib.metadata import PackageNotFoundError, version
+except ImportError: # pragma: nocover
+ from importlib_metadata import ( # type: ignore[import, no-redef]
+ PackageNotFoundError,
+ version,
+ )
try:
__version__ = version(__name__)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/signedjson/key.py
new/signedjson-1.1.4/signedjson/key.py
--- old/signedjson-1.1.1/signedjson/key.py 2020-03-27 17:13:12.000000000
+0100
+++ new/signedjson-1.1.4/signedjson/key.py 2022-03-08 19:01:34.000000000
+0100
@@ -20,7 +20,7 @@
import nacl.signing
from unpaddedbase64 import decode_base64, encode_base64
-from signedjson.types import SigningKey, VerifyKey
+from signedjson.types import SigningKey, VerifyKey, VerifyKeyWithExpiry
NACL_ED25519 = "ed25519"
SUPPORTED_ALGORITHMS = [NACL_ED25519]
@@ -34,7 +34,7 @@
Returns:
A SigningKey object.
"""
- key = nacl.signing.SigningKey.generate()
+ key: SigningKey = nacl.signing.SigningKey.generate() # type:
ignore[assignment]
key.version = version
key.alg = NACL_ED25519
return key
@@ -43,7 +43,7 @@
def get_verify_key(signing_key):
# type: (SigningKey) -> VerifyKey
"""Get a verify key from a signing key"""
- verify_key = signing_key.verify_key
+ verify_key: VerifyKey = signing_key.verify_key # type: ignore[assignment]
verify_key.version = signing_key.version
verify_key.alg = signing_key.alg
return verify_key
@@ -61,7 +61,7 @@
"""
if algorithm == NACL_ED25519:
key_bytes = decode_base64(key_base64)
- key = nacl.signing.SigningKey(key_bytes)
+ key: SigningKey = nacl.signing.SigningKey(key_bytes) # type:
ignore[assignment]
key.version = version
key.alg = NACL_ED25519
return key
@@ -125,8 +125,8 @@
A VerifyKey object.
"""
if key_id.startswith(NACL_ED25519 + ":"):
- version = key_id[len(NACL_ED25519) + 1:]
- key = nacl.signing.VerifyKey(key_bytes)
+ version = key_id[len(NACL_ED25519) + 1 :]
+ key: VerifyKey = nacl.signing.VerifyKey(key_bytes) # type:
ignore[assignment]
key.version = version
key.alg = NACL_ED25519
return key
@@ -151,7 +151,7 @@
def read_old_signing_keys(stream):
- # type: (Iterable[str]) -> List[VerifyKey]
+ # type: (Iterable[str]) -> List[VerifyKeyWithExpiry]
"""Reads a list of old keys from a stream
Args:
stream : A stream to iterate for keys.
@@ -161,7 +161,9 @@
keys = []
for line in stream:
algorithm, version, expired, key_base64 = line.split()
- key = decode_verify_key_base64(algorithm, version, key_base64)
+ key: VerifyKeyWithExpiry = decode_verify_key_base64(
+ algorithm, version, key_base64
+ ) # type: ignore[assignment]
key.expired = int(expired)
keys.append(key)
return keys
@@ -176,4 +178,11 @@
"""
for key in keys:
key_base64 = encode_signing_key_base64(key)
- stream.write("%s %s %s\n" % (key.alg, key.version, key_base64,))
+ stream.write(
+ "%s %s %s\n"
+ % (
+ key.alg,
+ key.version,
+ key_base64,
+ )
+ )
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/signedjson/sign.py
new/signedjson-1.1.4/signedjson/sign.py
--- old/signedjson-1.1.1/signedjson/sign.py 2020-01-29 18:17:34.000000000
+0100
+++ new/signedjson-1.1.4/signedjson/sign.py 2022-03-08 19:01:34.000000000
+0100
@@ -61,8 +61,9 @@
return json_object
-def signature_ids(json_object, signature_name,
- supported_algorithms=SUPPORTED_ALGORITHMS):
+def signature_ids(
+ json_object, signature_name, supported_algorithms=SUPPORTED_ALGORITHMS
+):
# type: (JsonDict, str, Iterable[str]) -> List[str]
"""Does the JSON object have a signature for the given name?
Args:
@@ -75,13 +76,13 @@
"""
key_ids = json_object.get("signatures", {}).get(signature_name, {}).keys()
return list(
- key_id for key_id in key_ids
- if key_id.split(":")[0] in supported_algorithms
+ key_id for key_id in key_ids if key_id.split(":")[0] in
supported_algorithms
)
class SignatureVerifyException(Exception):
"""A signature could not be verified"""
+
pass
@@ -131,7 +132,10 @@
verify_key.verify(message, signature)
except Exception as e:
raise SignatureVerifyException(
- "Unable to verify signature for %s: %s %s" % (
- signature_name, type(e), e,
+ "Unable to verify signature for %s: %s %s"
+ % (
+ signature_name,
+ type(e),
+ e,
)
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/signedjson/types.py
new/signedjson-1.1.4/signedjson/types.py
--- old/signedjson-1.1.1/signedjson/types.py 2020-01-29 18:17:34.000000000
+0100
+++ new/signedjson-1.1.4/signedjson/types.py 2022-03-29 18:25:47.000000000
+0200
@@ -13,34 +13,53 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+import sys
+from typing import TYPE_CHECKING
+
import nacl.signing
-from typing_extensions import Protocol
+
+if TYPE_CHECKING or sys.version_info < (3, 8, 0):
+ from typing_extensions import Protocol
+else:
+ from typing import Protocol
class BaseKey(Protocol):
"""Common base type for VerifyKey and SigningKey"""
+
version = "" # type: str
alg = "" # type: str
+ def __bytes__(self) -> bytes:
+ pass
+
def encode(self):
# type: () -> bytes
- pass # pragma: nocover
+ pass # pragma: nocover
class VerifyKey(BaseKey):
"""The public part of a key pair, for use with verify_signed_json"""
+
def verify(self, message, signature):
# type: (bytes, bytes) -> bytes
- pass # pragma: nocover
+ pass # pragma: nocover
+
+
+class VerifyKeyWithExpiry(VerifyKey):
+ expired: int
class SigningKey(BaseKey):
"""The private part of a key pair, for use with sign_json"""
+
def sign(self, message):
# type: (bytes) -> nacl.signing.SignedMessage
- pass # pragma: nocover
+ pass # pragma: nocover
@property
def verify_key(self):
+ # Note: use `signedjson.key.get_verify_key` to get a
+ # `signedjson.types.VerifyKey`.
# type: () -> nacl.signing.VerifyKey
- pass # pragma: nocover
+ pass # pragma: nocover
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/signedjson.egg-info/PKG-INFO
new/signedjson-1.1.4/signedjson.egg-info/PKG-INFO
--- old/signedjson-1.1.1/signedjson.egg-info/PKG-INFO 2020-03-27
20:48:21.000000000 +0100
+++ new/signedjson-1.1.4/signedjson.egg-info/PKG-INFO 2022-03-29
18:29:41.000000000 +0200
@@ -1,82 +1,83 @@
-Metadata-Version: 1.0
+Metadata-Version: 2.1
Name: signedjson
-Version: 1.1.1
+Version: 1.1.4
Summary: Sign JSON with Ed25519 signatures
-Home-page: UNKNOWN
-Author: UNKNOWN
-Author-email: UNKNOWN
License: UNKNOWN
-Description: Signed JSON
- ===========
-
- .. image:: https://img.shields.io/pypi/v/signedjson.svg
- :target: https://pypi.python.org/pypi/signedjson/
- :alt: Latest Version
-
- .. image::
https://img.shields.io/travis/matrix-org/python-signedjson.svg
- :target: https://travis-ci.org/matrix-org/python-signedjson
-
-
- Signs JSON objects with ED25519 signatures.
-
-
- Features
- --------
-
- * More than one entity can sign the same object.
- * Each entity can sign the object with more than one key making it
easier to
- rotate keys
- * ED25519 can be replaced with a different algorithm.
- * Unprotected data can be added to the object under the ``"unsigned"``
key.
-
-
- Installing
- ----------
-
- .. code:: bash
-
- pip install signedjson
-
- Using
- -----
-
- .. code:: python
-
- from signedjson.key import generate_signing_key, get_verify_key
- from signedjson.sign import (
- sign_json, verify_signed_json, SignatureVerifyException
- )
-
- signing_key = generate_signing_key('zxcvb')
- signed_json = sign_json({'my_key': 'my_data'}, 'Alice',
signing_key)
-
- verify_key = get_verify_key(signing_key)
-
- try:
- verify_signed_json(signed_json, 'Alice', verify_key)
- print 'Signature is valid'
- except SignatureVerifyException:
- print 'Signature is invalid'
-
- Format
- ------
-
- .. code:: json
-
- {
- "<protected_name>": "<protected_value>",
- "signatures": {
- "<entity_name>": {
- "ed25519:<key_id>": "<unpadded_base64_signature>"
- }
- },
- "unsigned": {
- "<unprotected_name>": "<unprotected_value>",
- }
- }
-
-
-
-
Keywords: json
Platform: UNKNOWN
+Provides-Extra: dev
+License-File: LICENSE
+
+Signed JSON
+===========
+
+.. image:: https://img.shields.io/pypi/v/signedjson.svg
+ :target: https://pypi.python.org/pypi/signedjson/
+ :alt: Latest Version
+
+.. image:: https://img.shields.io/travis/matrix-org/python-signedjson.svg
+ :target: https://travis-ci.org/matrix-org/python-signedjson
+
+
+Signs JSON objects with ED25519 signatures.
+
+
+Features
+--------
+
+* More than one entity can sign the same object.
+* Each entity can sign the object with more than one key making it easier to
+ rotate keys
+* ED25519 can be replaced with a different algorithm.
+* Unprotected data can be added to the object under the ``"unsigned"`` key.
+
+
+Installing
+----------
+
+.. code:: bash
+
+ pip install signedjson
+
+Using
+-----
+
+.. code:: python
+
+ from signedjson.key import generate_signing_key, get_verify_key
+ from signedjson.sign import (
+ sign_json, verify_signed_json, SignatureVerifyException
+ )
+
+ signing_key = generate_signing_key('zxcvb')
+ signed_json = sign_json({'my_key': 'my_data'}, 'Alice', signing_key)
+
+ verify_key = get_verify_key(signing_key)
+
+ try:
+ verify_signed_json(signed_json, 'Alice', verify_key)
+ print 'Signature is valid'
+ except SignatureVerifyException:
+ print 'Signature is invalid'
+
+Format
+------
+
+.. code:: json
+
+ {
+ "<protected_name>": "<protected_value>",
+ "signatures": {
+ "<entity_name>": {
+ "ed25519:<key_id>": "<unpadded_base64_signature>"
+ }
+ },
+ "unsigned": {
+ "<unprotected_name>": "<unprotected_value>",
+ }
+ }
+
+
+
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/signedjson.egg-info/SOURCES.txt
new/signedjson-1.1.4/signedjson.egg-info/SOURCES.txt
--- old/signedjson-1.1.1/signedjson.egg-info/SOURCES.txt 2020-03-27
20:48:21.000000000 +0100
+++ new/signedjson-1.1.4/signedjson.egg-info/SOURCES.txt 2022-03-29
18:29:42.000000000 +0200
@@ -1,15 +1,19 @@
+.flake8
.gitignore
.travis.yml
CHANGELOG.md
LICENSE
MANIFEST.in
README.rst
+RELEASING.md
pyproject.toml
setup.py
tox.ini
+.github/CODEOWNERS
changelog.d/.gitignore
signedjson/__init__.py
signedjson/key.py
+signedjson/py.typed
signedjson/sign.py
signedjson/types.py
signedjson.egg-info/PKG-INFO
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/signedjson.egg-info/requires.txt
new/signedjson-1.1.4/signedjson.egg-info/requires.txt
--- old/signedjson-1.1.1/signedjson.egg-info/requires.txt 2020-03-27
20:48:21.000000000 +0100
+++ new/signedjson-1.1.4/signedjson.egg-info/requires.txt 2022-03-29
18:29:42.000000000 +0200
@@ -1,8 +1,13 @@
canonicaljson>=1.0.0
-importlib_metadata
-pynacl>=0.3.0
-typing_extensions>=3.5
unpaddedbase64>=1.0.1
+pynacl>=0.3.0
[:python_version < "3.5"]
typing>=3.5
+
+[:python_version < "3.8"]
+typing_extensions>=3.5
+importlib_metadata
+
+[dev]
+typing_extensions>=3.5
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/tests/test_key.py
new/signedjson-1.1.4/tests/test_key.py
--- old/signedjson-1.1.1/tests/test_key.py 2020-03-27 17:13:12.000000000
+0100
+++ new/signedjson-1.1.4/tests/test_key.py 2022-03-08 19:01:34.000000000
+0100
@@ -19,8 +19,8 @@
def test_generate_key(self):
my_version = "my_version"
my_key = generate_signing_key(my_version)
- self.assertEquals(my_key.alg, "ed25519")
- self.assertEquals(my_key.version, my_version)
+ self.assertEqual(my_key.alg, "ed25519")
+ self.assertEqual(my_key.version, my_version)
class DecodeTestCase(unittest.TestCase):
@@ -35,8 +35,8 @@
decoded_key = decode_signing_key_base64(
"ed25519", self.version, self.key_base64
)
- self.assertEquals(decoded_key.alg, "ed25519")
- self.assertEquals(decoded_key.version, self.version)
+ self.assertEqual(decoded_key.alg, "ed25519")
+ self.assertEqual(decoded_key.version, self.version)
def test_decode_invalid_base64(self):
with self.assertRaises(Exception):
@@ -54,8 +54,8 @@
decoded_key = decode_verify_key_base64(
"ed25519", self.version, self.verify_key_base64
)
- self.assertEquals(decoded_key.alg, "ed25519")
- self.assertEquals(decoded_key.version, self.version)
+ self.assertEqual(decoded_key.alg, "ed25519")
+ self.assertEqual(decoded_key.version, self.version)
def test_decode_verify_key_invalid_base64(self):
with self.assertRaises(Exception):
@@ -72,12 +72,12 @@
def test_read_keys(self):
stream = ["ed25519 %s %s" % (self.version, self.key_base64)]
keys = read_signing_keys(stream)
- self.assertEquals(len(keys), 1)
+ self.assertEqual(len(keys), 1)
def test_read_old_keys(self):
stream = ["ed25519 %s 0 %s" % (self.version, self.verify_key_base64)]
keys = read_old_signing_keys(stream)
- self.assertEquals(len(keys), 1)
+ self.assertEqual(len(keys), 1)
def test_decode_verify_invalid_algorithm(self):
with self.assertRaises(Exception):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/tests/test_known_key.py
new/signedjson-1.1.4/tests/test_known_key.py
--- old/signedjson-1.1.1/tests/test_known_key.py 2020-01-03
11:01:04.000000000 +0100
+++ new/signedjson-1.1.4/tests/test_known_key.py 2022-03-08
19:01:34.000000000 +0100
@@ -16,15 +16,12 @@
import unittest
-from unpaddedbase64 import decode_base64
-
import nacl.signing
+from unpaddedbase64 import decode_base64
from signedjson.sign import sign_json
-SIGNING_KEY_SEED = decode_base64(
- "YJDBA9Xnr2sVqXD9Vj7XVUnmFZcZrlw8Md7kMW+3XA1"
-)
+SIGNING_KEY_SEED = decode_base64("YJDBA9Xnr2sVqXD9Vj7XVUnmFZcZrlw8Md7kMW+3XA1")
KEY_ALG = "ed25519"
KEY_VER = 1
@@ -32,8 +29,8 @@
class KnownKeyTestCase(unittest.TestCase):
- """ An entirely deterministic test using a given signing key seed, so that
- other implementations can compare that they get the same result. """
+ """An entirely deterministic test using a given signing key seed, so that
+ other implementations can compare that they get the same result."""
def setUp(self):
self.signing_key = nacl.signing.SigningKey(SIGNING_KEY_SEED)
@@ -41,29 +38,29 @@
self.signing_key.version = KEY_VER
def test_sign_minimal(self):
- self.assertEquals(
+ self.assertEqual(
sign_json({}, "domain", self.signing_key),
{
- 'signatures': {
- 'domain': {
+ "signatures": {
+ "domain": {
KEY_NAME: "K8280/U9SSy9IVtjBuVeLr+HpOB4BQFWbg+UZaADMt"
"TdGYI7Geitb76LTrr5QV/7Xg4ahLwYGYZzuHGZKM5ZAQ"
},
}
- }
+ },
)
def test_sign_with_data(self):
- self.assertEquals(
- sign_json({'one': 1, 'two': "Two"}, "domain", self.signing_key),
+ self.assertEqual(
+ sign_json({"one": 1, "two": "Two"}, "domain", self.signing_key),
{
- 'one': 1,
- 'two': "Two",
- 'signatures': {
- 'domain': {
+ "one": 1,
+ "two": "Two",
+ "signatures": {
+ "domain": {
KEY_NAME: "KqmLSbO39/Bzb0QIYE82zqLwsA+PDzYIpIRA2sRQ4s"
"L53+sN6/fpNSoqE7BP7vBZhG6kYdD13EIMJpvhJI+6Bw"
},
- }
- }
+ },
+ },
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/signedjson-1.1.1/tests/test_sign.py
new/signedjson-1.1.4/tests/test_sign.py
--- old/signedjson-1.1.1/tests/test_sign.py 2020-01-03 11:01:04.000000000
+0100
+++ new/signedjson-1.1.4/tests/test_sign.py 2022-03-08 19:01:34.000000000
+0100
@@ -19,54 +19,54 @@
from unpaddedbase64 import encode_base64
from signedjson.sign import (
- sign_json, verify_signed_json, signature_ids, SignatureVerifyException
+ SignatureVerifyException,
+ sign_json,
+ signature_ids,
+ verify_signed_json,
)
class JsonSignTestCase(unittest.TestCase):
def setUp(self):
- self.message = {'foo': 'bar', 'unsigned': {}}
+ self.message = {"foo": "bar", "unsigned": {}}
self.sigkey = MockSigningKey()
- self.assertEqual(self.sigkey.alg, 'mock')
- self.signed = sign_json(self.message, 'Alice', self.sigkey)
+ self.assertEqual(self.sigkey.alg, "mock")
+ self.signed = sign_json(self.message, "Alice", self.sigkey)
self.verkey = MockVerifyKey()
def test_sign_and_verify(self):
- self.assertIn('signatures', self.signed)
- self.assertIn('Alice', self.signed['signatures'])
- self.assertIn('mock:test', self.signed['signatures']['Alice'])
+ self.assertIn("signatures", self.signed)
+ self.assertIn("Alice", self.signed["signatures"])
+ self.assertIn("mock:test", self.signed["signatures"]["Alice"])
self.assertEqual(
- self.signed['signatures']['Alice']['mock:test'],
- encode_base64(b'x_______')
+ self.signed["signatures"]["Alice"]["mock:test"],
encode_base64(b"x_______")
)
self.assertEqual(self.sigkey.signed_bytes, b'{"foo":"bar"}')
- verify_signed_json(self.signed, 'Alice', self.verkey)
+ verify_signed_json(self.signed, "Alice", self.verkey)
def test_signature_ids(self):
- key_ids = signature_ids(
- self.signed, 'Alice', supported_algorithms=['mock']
- )
- self.assertListEqual(key_ids, ['mock:test'])
+ key_ids = signature_ids(self.signed, "Alice",
supported_algorithms=["mock"])
+ self.assertListEqual(key_ids, ["mock:test"])
def test_verify_fail(self):
- self.signed['signatures']['Alice']['mock:test'] = encode_base64(
- b'not a signature'
+ self.signed["signatures"]["Alice"]["mock:test"] = encode_base64(
+ b"not a signature"
)
with self.assertRaises(SignatureVerifyException):
- verify_signed_json(self.signed, 'Alice', self.verkey)
+ verify_signed_json(self.signed, "Alice", self.verkey)
def test_verify_fail_no_signatures(self):
with self.assertRaises(SignatureVerifyException):
- verify_signed_json({}, 'Alice', self.verkey)
+ verify_signed_json({}, "Alice", self.verkey)
def test_verify_fail_no_signature_for_alice(self):
with self.assertRaises(SignatureVerifyException):
- verify_signed_json({'signatures': {}}, 'Alice', self.verkey)
+ verify_signed_json({"signatures": {}}, "Alice", self.verkey)
def test_verify_fail_not_base64(self):
- invalid = {'signatures': {'Alice': {'mock:test': 'not base64'}}}
+ invalid = {"signatures": {"Alice": {"mock:test": "not base64"}}}
with self.assertRaises(SignatureVerifyException):
- verify_signed_json(invalid, 'Alice', self.verkey)
+ verify_signed_json(invalid, "Alice", self.verkey)
class MockSigningKey(object):
