aletheia

A Python implementation of Aletheia

These details have not been verified by PyPI

Project links

Project description

A Python implementation of Aletheia.

Process

The process is pretty simple:

Generate a public/private key pair
Sign a media file (image, audio, video) with the private key
Publish your public key
People can now verify your media files with your public key

Installation

As this is a Python package, use pip:

$ pip install aletheia

Support for MP3 files requires that you have FFmpeg installed. There are versions available for Linux, Mac, and Windows.

Configuration

Aletheia puts all of the required key files and cached public keys into ${ALETHEIA_HOME} which by default is ${HOME}/.config/aletheia. You can override this by setting it in the environment.

Command Line

This package comes with a simple command-line program that does everything you need to support the Aletheia process.

Generate your public/private key pair

$ aletheia generate

  🔑  Generating private/public key pair...

  All finished!

  You now have two files: aletheia.pem (your private key) and
  aletheia.pub (your public key).  Keep the former private, and share
  the latter far-and-wide.  Importantly, place your public key at a
  publicly accessible URL so that when you sign a file with your
  private key, it can be verified by reading the public key at that
  URL.

Your public & private key will be stored in ${ALETHEIA_HOME}. For Aletheia to work, you need to publish your public key on a website somewhere so it can be used to verify files later.

Sign an image with your private key

$ aletheia sign file.jpg https://example.com/my-public-key.pub

  ✔  file.jpg was signed with your private key

Aletheia will modify the EXIF data on your image to include a signature and a link to where your public key can be found so when it comes time to verify it, everything that’s necessary is available.

Verify the image with your public key

$ aletheia verify file.jpg

  ✔  The file is verified as having originated at example.com

Now, anyone who receives your image can verify its origin with this command so long as your public key remains available at the URL you used above.

Python API

There’s no reason that you would have to do all this on the command line of course. All of the above can be done programmatically as well.

Generate your public/private key pair

from aletheia.utils import generate

generate()

Just like the command line utility, generate() will create your public/private key pair in ${ALETHEIA_HOME}.

Sign an image with your private key

from aletheia.utils import sign

sign("/path/to/file.jpg", "https://example.com/my-public-key.pub")

So long as you’ve got your public/private key pair in ${ALETHEIA_HOME}, sign() will modify the metadata on your file to include a signature and URL for your public key.

There is also a sign_bulk() utility for multiple files:

from aletheia.utils import sign

sign(
    ("/path/to/file1.jpg", "/path/to/file2.jpg"),
    "https://example.com/my-public-key.pub"
)

Verify the image with your public key

from aletheia.utils import verify

verify("/path/to/file.jpg")

Aletheia will import the public key from the URL in the file’s metadata and attempt to verify the image data by comparing the key to the embedded signature. If the file is verified, it returns True, otherwise it returns False.

There’s also a verify_bulk() utility for multiple files:

from aletheia.utils import verify

verify_bulk(("/path/to/file1.jpg", "/path/to/file2.jpg"))

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

3.3.2

Dec 24, 2021

3.3.1

Sep 1, 2020

3.2.0

Feb 16, 2019

3.1.0

Feb 10, 2019

3.0.0

Jan 31, 2019

2.0.2

Dec 25, 2018

2.0.0

Dec 2, 2018

1.1.0

Nov 24, 2018

1.0.1

Oct 28, 2018

1.0.0

Oct 27, 2018

0.6.4

Sep 9, 2018

0.6.3

Sep 3, 2018

0.6.2

Aug 18, 2018

0.6.1

Aug 14, 2018

0.6.0

Jul 14, 2018

0.5.0

Jun 17, 2018

This version

0.4.0

May 30, 2018

0.3.4

May 7, 2018

0.3.3

May 7, 2018

0.3.2

May 5, 2018

0.3.1

May 5, 2018

0.3.0

Apr 29, 2018

0.2.0

Apr 22, 2018

0.1.0

Apr 15, 2018

0.0.3

Jan 28, 2018

0.0.2

Nov 26, 2017

0.0.1

Nov 10, 2017

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aletheia-0.4.0.tar.gz (2.3 MB view details)

Uploaded May 30, 2018 Source

Built Distribution

aletheia-0.4.0-py2.py3-none-any.whl (26.1 kB view details)

Uploaded May 30, 2018 Python 2 Python 3

File details

Details for the file aletheia-0.4.0.tar.gz.

File metadata

Download URL: aletheia-0.4.0.tar.gz
Upload date: May 30, 2018
Size: 2.3 MB
Tags: Source
Uploaded using Trusted Publishing? No

File hashes

Hashes for aletheia-0.4.0.tar.gz
Algorithm	Hash digest
SHA256	`d03519071df3bd9f28d1e876c0fe32b31018c8e4d3d96759ed567b64bde3621a`
MD5	`d29642ecadcfd1e88a42c8b7d3062275`
BLAKE2b-256	`304a6b11b83f2a4a0283d180f949aa871432668caf86830af7f67d027dc2d130`

See more details on using hashes here.

File details

Details for the file aletheia-0.4.0-py2.py3-none-any.whl.

File metadata

Download URL: aletheia-0.4.0-py2.py3-none-any.whl
Upload date: May 30, 2018
Size: 26.1 kB
Tags: Python 2, Python 3
Uploaded using Trusted Publishing? No

File hashes

Hashes for aletheia-0.4.0-py2.py3-none-any.whl
Algorithm	Hash digest
SHA256	`11dd27ccf7f077e05e8c99e5e0d4ed3d2d82ea70aaecdc9d4676731fa279d322`
MD5	`2e880e6520af6ec77a2f604f30de64aa`
BLAKE2b-256	`d41ec1b7439793c59a4abcc6e4cfc22316e45b9e68090e11859ef3d515a4173d`