Skip to content

Class swarmauri_core.signing.ISigning.ISigning

swarmauri_core.signing.ISigning.ISigning

Bases: ABC

supports abstractmethod

supports()

Return capability information.

Keys (omit if unsupported): - "algs": iterable of signature algorithms (e.g., "Ed25519", "RSA-PSS-SHA256", "OpenPGP"). - "canons": iterable of canonicalization identifiers (e.g., "json", "cbor", "json-c14n"). - "signs": iterable describing supported signing surfaces. Expected tokens include • "bytes" → :meth:sign_bytes • "digest" → :meth:sign_digest • "envelope" → :meth:sign_envelope • "stream" → :meth:sign_stream - "verifies": iterable describing supported verification surfaces using the same tokens as "signs". - "envelopes": iterable describing supported envelope shapes (e.g., "mapping", "aead_ciphertext", "multi_recipient"). - "features": optional iterable of flags, e.g.: • "multi" → optimized for multi‑signature sets • "detached_only" → only detached signatures (default) • "attest" → can include attestation chains in Signature["chain"]

Source code in swarmauri_core/signing/ISigning.py
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
@abstractmethod
def supports(self) -> Mapping[str, Iterable[str]]:
    """
    Return capability information.

    Keys (omit if unsupported):
      - "algs": iterable of signature algorithms (e.g., "Ed25519", "RSA-PSS-SHA256", "OpenPGP").
      - "canons": iterable of canonicalization identifiers (e.g., "json", "cbor", "json-c14n").
      - "signs": iterable describing supported signing surfaces. Expected tokens include
            • "bytes"    → :meth:`sign_bytes`
            • "digest"   → :meth:`sign_digest`
            • "envelope" → :meth:`sign_envelope`
            • "stream"   → :meth:`sign_stream`
      - "verifies": iterable describing supported verification surfaces using the
        same tokens as "signs".
      - "envelopes": iterable describing supported envelope shapes (e.g.,
        "mapping", "aead_ciphertext", "multi_recipient").
      - "features": optional iterable of flags, e.g.:
            • "multi"          → optimized for multi‑signature sets
            • "detached_only"  → only detached signatures (default)
            • "attest"         → can include attestation chains in Signature["chain"]
    """
    ...

sign_bytes abstractmethod async

sign_bytes(key, payload, *, alg=None, opts=None)

Produce one or more detached signatures over raw bytes.

RETURNS DESCRIPTION
Sequence[Signature]

Sequence[Signature] (typically length 1). Multiple signatures MAY be

Sequence[Signature]

returned if the provider is configured to co‑sign (e.g., hardware + software).

Source code in swarmauri_core/signing/ISigning.py
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
@abstractmethod
async def sign_bytes(
    self,
    key: KeyRef,
    payload: bytes,
    *,
    alg: Optional[Alg] = None,
    opts: Optional[Mapping[str, object]] = None,
) -> Sequence[Signature]:
    """
    Produce one or more detached signatures over raw bytes.

    Returns:
      Sequence[Signature] (typically length 1). Multiple signatures MAY be
      returned if the provider is configured to co‑sign (e.g., hardware + software).
    """
    ...

sign_digest abstractmethod async

sign_digest(key, digest, *, alg=None, opts=None)

Produce detached signatures over a pre-computed message digest.

Source code in swarmauri_core/signing/ISigning.py
114
115
116
117
118
119
120
121
122
123
124
@abstractmethod
async def sign_digest(
    self,
    key: KeyRef,
    digest: bytes,
    *,
    alg: Optional[Alg] = None,
    opts: Optional[Mapping[str, object]] = None,
) -> Sequence[Signature]:
    """Produce detached signatures over a pre-computed message digest."""
    ...

verify_bytes abstractmethod async

verify_bytes(
    payload, signatures, *, require=None, opts=None
)

Verify detached signatures over raw bytes.

PARAMETER DESCRIPTION
signatures

sequence of Signature mappings.

require

optional policy hints, e.g. {"min_signers": 1, "algs": ["Ed25519"]}

RETURNS DESCRIPTION
bool

True if the verification criteria are met, False otherwise.

Source code in swarmauri_core/signing/ISigning.py
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
@abstractmethod
async def verify_bytes(
    self,
    payload: bytes,
    signatures: Sequence[Signature],
    *,
    require: Optional[Mapping[str, object]] = None,
    opts: Optional[Mapping[str, object]] = None,
) -> bool:
    """
    Verify detached signatures over raw bytes.

    Parameters:
      signatures : sequence of Signature mappings.
      require    : optional policy hints, e.g. {"min_signers": 1, "algs": ["Ed25519"]}

    Returns:
      True if the verification criteria are met, False otherwise.
    """
    ...

sign_stream abstractmethod async

sign_stream(key, payload, *, alg=None, opts=None)

Produce detached signatures over streaming byte payloads.

Implementations MAY buffer the stream to reuse :meth:sign_bytes.

Source code in swarmauri_core/signing/ISigning.py
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
@abstractmethod
async def sign_stream(
    self,
    key: KeyRef,
    payload: ByteStream,
    *,
    alg: Optional[Alg] = None,
    opts: Optional[Mapping[str, object]] = None,
) -> Sequence[Signature]:
    """
    Produce detached signatures over streaming byte payloads.

    Implementations MAY buffer the stream to reuse :meth:`sign_bytes`.
    """
    ...

verify_stream abstractmethod async

verify_stream(
    payload, signatures, *, require=None, opts=None
)
Source code in swarmauri_core/signing/ISigning.py
165
166
167
168
169
170
171
172
173
@abstractmethod
async def verify_stream(
    self,
    payload: ByteStream,
    signatures: Sequence[Signature],
    *,
    require: Optional[Mapping[str, object]] = None,
    opts: Optional[Mapping[str, object]] = None,
) -> bool: ...

canonicalize_envelope abstractmethod async

canonicalize_envelope(env, *, canon=None, opts=None)

Deterministically canonicalize an envelope to bytes prior to signing/verifying.

Implementations MUST document the exact canonicalization performed for each 'canon' token and ensure stable byte output for semantically identical envelopes.

Source code in swarmauri_core/signing/ISigning.py
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
@abstractmethod
async def canonicalize_envelope(
    self,
    env: Envelope,
    *,
    canon: Optional[Canon] = None,
    opts: Optional[Mapping[str, object]] = None,
) -> bytes:
    """
    Deterministically canonicalize an envelope to bytes prior to signing/verifying.

    Implementations MUST document the exact canonicalization performed for each
    'canon' token and ensure stable byte output for semantically identical envelopes.
    """
    ...

sign_envelope abstractmethod async

sign_envelope(key, env, *, alg=None, canon=None, opts=None)

Produce one or more detached signatures over a canonicalized envelope.

Source code in swarmauri_core/signing/ISigning.py
193
194
195
196
197
198
199
200
201
202
203
204
205
206
@abstractmethod
async def sign_envelope(
    self,
    key: KeyRef,
    env: Envelope,
    *,
    alg: Optional[Alg] = None,
    canon: Optional[Canon] = None,
    opts: Optional[Mapping[str, object]] = None,
) -> Sequence[Signature]:
    """
    Produce one or more detached signatures over a canonicalized envelope.
    """
    ...

verify_envelope abstractmethod async

verify_envelope(
    env, signatures, *, canon=None, require=None, opts=None
)

Verify detached signatures against the canonicalized envelope.

'require' can express policy such as:

Source code in swarmauri_core/signing/ISigning.py
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
@abstractmethod
async def verify_envelope(
    self,
    env: Envelope,
    signatures: Sequence[Signature],
    *,
    canon: Optional[Canon] = None,
    require: Optional[Mapping[str, object]] = None,
    opts: Optional[Mapping[str, object]] = None,
) -> bool:
    """
    Verify detached signatures against the canonicalized envelope.

    'require' can express policy such as:
      {"min_signers": 2, "algs": ["Ed25519", "RSA-PSS-SHA256"], "kids": ["..."]}
    """
    ...

verify_digest abstractmethod async

verify_digest(
    digest, signatures, *, require=None, opts=None
)

Verify detached signatures produced over a pre-computed digest.

Source code in swarmauri_core/signing/ISigning.py
228
229
230
231
232
233
234
235
236
237
238
@abstractmethod
async def verify_digest(
    self,
    digest: bytes,
    signatures: Sequence[Signature],
    *,
    require: Optional[Mapping[str, object]] = None,
    opts: Optional[Mapping[str, object]] = None,
) -> bool:
    """Verify detached signatures produced over a pre-computed digest."""
    ...