Metadata-Version: 2.1
Name: safepickling
Version: 1.0.1
Summary: SafePickling is a python library that allows you to sign and verify python pickles
Home-page: https://github.com/Wissotsky/SafePickling
License: MIT
Keywords: pickle,safe,sign,verify,security
Author: Wissotsky
Author-email: Wissotsky@protonmail.com
Requires-Python: >=3.9,<4.0
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.9
Project-URL: Repository, https://github.com/Wissotsky/SafePickling
Description-Content-Type: text/markdown

# SafePickling

SafePickling is a Python library that allows you to sign and verify Python pickles.

```mermaid
graph LR
    subgraph Server
        A[Object]:::object -->B{Pickle and sign}:::cryptography
        C[Key]:::storage --> B
        B --> pik2[signature] --> D(Server):::network
        B --> pik1[pickle] --> D
    end
    subgraph Client
        D ==> E(Client):::network
        E -->unpik2[signature]
        E -->unpik1[pickle] --> F{Sign}:::cryptography
        known[(Known keys)]:::storage --> F --> F
        F --> eq{Is equal?}
        unpik2 --> eq:::cryptography
        eq -->|Yes|unpik{{Unpickle}}:::cryptography --> Z[Object]:::object
        eq -->|No|Invalid(Invalid):::error
    end

    classDef network fill:#FFD666;
    classDef cryptography fill:#82FF66;
    classDef error fill:#FF6B66;
    classDef storage fill:#DE66FF;
    classDef object fill:#666EFF;
```

## Installation

```sh
pip install safepickling
```

## Usage Example

```python
from safepickling import SafePickling  # import path assumed from the package name

obj = ExampleObject()  # ExampleObject stands in for any picklable class of your own

server = SafePickling() # Create a server instance
server.generate_key() # Generate a random key for the server
pickled_object = server.pickle(obj) # Pickle the object and sign it
```
```python
client = SafePickling() # Create a client instance
client.add_trusted_keys([server.key]) # Add the server's key to the client's trusted keys
unpickled_object = client.unpickle(pickled_object) # Unpickle the data while verifying its signature with the server's key
```

## Cryptography

Randomness is provided by `secrets.token_bytes`.

Hashes are compared with `hmac.compare_digest`.

Hashing is done with `hashlib.blake2b`.
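
The sign-then-verify flow from the diagram, written out as an added sketch that is not SafePickling's own code. It uses the three primitives listed above; the `tag || pickle` layout, the 32-byte key and tag sizes, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import pickle
import secrets

TAG_LEN = 32  # assumed tag size for this sketch (blake2b allows up to 64 bytes)

def generate_key() -> bytes:
    """Random 32-byte secret; blake2b accepts keys of up to 64 bytes."""
    return secrets.token_bytes(32)

def _tag(key: bytes, data: bytes) -> bytes:
    # Keyed BLAKE2b acts as a MAC: only holders of `key` can produce this tag.
    return hashlib.blake2b(data, key=key, digest_size=TAG_LEN).digest()

def sign_pickle(obj, key: bytes) -> bytes:
    """Pickle obj and prepend the tag (hypothetical wire format: tag || pickle)."""
    data = pickle.dumps(obj)
    return _tag(key, data) + data

def verify_and_unpickle(blob: bytes, trusted_keys):
    """Return the object only if the tag matches under some trusted key."""
    if len(blob) < TAG_LEN:
        raise ValueError("blob too short to contain a tag")
    tag, data = blob[:TAG_LEN], blob[TAG_LEN:]
    ok = False
    for key in trusted_keys:
        # Constant-time compare; every key is tried so timing does not show which matched.
        ok |= hmac.compare_digest(tag, _tag(key, data))
    if not ok:
        raise ValueError("signature does not match any trusted key")
    return pickle.loads(data)  # reached only after the tag has been verified

def demo():
    key = generate_key()  # all sample data below is constructed
    blob = sign_pickle({"user": "alice", "roles": ["reader"]}, key)
    tampered = blob[:-1] + bytes([blob[-1] ^ 0x01])  # flip one bit of the pickle
    out = {"valid": verify_and_unpickle(blob, [key])}
    for name, b, keys in (("tampered", tampered, [key]), ("unknown_key", blob, [generate_key()])):
        try:
            verify_and_unpickle(b, keys)
            out[name] = "accepted"
        except ValueError:
            out[name] = "rejected"
    return out
```

Because the tag is a keyed hash, a trusted key is a shared secret: any party that can verify with it can also produce valid tags, so it must be distributed and stored like a signing key. The tag must be checked before `pickle.loads` ever sees the data, since unpickling untrusted bytes can execute code.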

