Verifying the integrity/lineage of a file
Malcolm Greene
python at bdurham.com
Fri Aug 31 10:36:52 EDT 2018
I have use case where I need to distribute binary files to customers and
want to provide a way for our customers to verify the
"integrity/lineage" (I know there's a better description, but can't
think of it) of these files, eg. to give them the confidence that the
files in question are from me and haven't been altered.
Here's the methods I can think of using Python:
1. Use hashlib to hash each file (SHA256)+ and send the hashes
separately for verification2. Use hmac to sign each file
3. Use a 3rd party crypto library to sign each file and use a set of
public/private SSH keys for verification
Any suggestions on techniques and/or libraries appreciated.
Thank you,
Malcolm
More information about the Python-list
mailing list