Show HN: Blake2Signer – Python lib to sign and verify data using BLAKE

blake2signer.hackan.net

4 points

3 years ago

Blake2Signer (https://blake2signer.hackan.net) is a Python library, whose goal is to provide developers a simple and straightforward way to securely sign data using BLAKE in keyed hashing mode, using a secret key: this can be used, in example, when you need to send some data that could be tampered by the user, like a payment authorization, a login token, or a form. This data travels in plaintext, and can be read, but it can't be modified in any way!.

This library was born as my need to simply sign some data structure to store it in a cookie securely. I had been using itsdangerous for that, but at some point I wanted something simpler, and uncomplicated, so I wrote a couple of lines and got it working using native BLAKE2 in keyed hashing mode, which I then published as a Gist (https://gist.github.com/HacKanCuBa/b93864a1ed41746b3d75f80eb...) for others (and me) to use in a copy-and-paste fashion. I proceeded to add a few features, tests, and the like, and eventually asked myself: why not create an actual package?. The more I edited the Gist, the more I believed it could actually be more useful as a package, and to be actually installed in projects, just like other excellent libs such as itsdangerous, Django's signer, pypaseto, pyjwt, etc.

Additionally, this library has good tests, good docs, a nice changelog, automated tests with several Python versions (supports Python3.7+), follows semver, it's production-ready, it's fast and easy to use... well, I will let you decide that :)

Any feedback about it is very welcome! To try it out, just pip install it, and follow any of the shown examples: they are all copy-paste-able ready-to-work.