Skip to main content

Signet provides support for building and delivering tamper resistant python to your users and customers.

Project description

FULL HTML Documentation: http://jamercee.github.io/signet/

Signet provides support for building and delivering tamper resistant python to your users and customers.

Signet creates a custom python loader which you deliver with your script. On each invocation, the loader it will verify no tampering has ocurred before it runs the python script.

Users have the confidence of knowing their scripts are safe and yet retain full access to the python source for code review and enhancement. And you know your users are running the right version of code.

Signet is fully integrated with distutils to make the process of building and installing new python projects as simple and painless as possible.

How does it work?

Signet relies on the strength of cryptographic hash to reliably detect file modifications. Signet builds hashes of your script and all your script’s dependencies. These hashes are incorporated into a custom python loader which will handle re-verifying the hashes before it will agree to run your script.

If your script or any of it’s dependencies are tampered with, the loader will emit an error and exit. If everything matches, the loader will run your script.

Example usage

For example, if you had a simple script hello.py:

import os
print('hello from %s' % os.name)

And you deployed it with this simple setup.py:

from distutils.core import setup, Extension
from signet.command.build_signet import build_signet

setup(name = 'hello',
    cmdclass = {'build_signet': build_signet, },
    ext_modules = [Extension('hello', sources=['hello.py'])],
    )

Build your loader:

python setup.py build_signet

On Windows you’ll have hello.exe and on Linux you’ll have hello.

The signet system also provides facilities for code signing:

from distutils.core import setup, Extension
from signet.command.build_signet import build_signet, sign_code

setup(name = 'hello',
    cmdclass = {'build_signet': build_signet,
                'sign_code': sign_code,
               },
    ext_modules = [Extension('hello', sources=['hello.py'])],
    )

Build your loader:

python setup.py build_signet
python setup.py sign_code --savedpassword --pfx-file {path-to-pfx}

Installing Signet

Signet is hosted on github at https://github.com/jamercee/signet

Installation using git:

git clone https://github.com/jamercee/signet
cd signet
python setup.py install

Signet can also be installed with pip:

pip install signet

Features

  • Multiplatform: works under

    • Windows (32/64-bit)

    • Linux

    • FreeBSD

  • Integrated with Distutils

  • Protection from tampering (SHA1 hashed content)

  • On Windows

    • Provides code signing executables

    • PE executable verification

    • Automatic resource file generation

    • Customizable program icon

  • Customizable python loader (full c++ included)

  • Unique process name

    • show hello rather than python hello.py

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

signet-1.0.10.zip (30.1 kB view hashes)

Uploaded Source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page