This tutorial shows how one party can sign a message and the other can verify the authenticity of the signer.

It uses python3 and the requests library.

Setup

Import the requests library, set the API url, and make sure to send the correct headers.

import requests
url = "https://libsodium-cryptography.p.rapidapi.com/api/1.0"
headers = {
    "X-RapidAPI-Key": "<your-rapid-api-key>",
    "Content-Type": "application/json"
}

Create a key pair

Generate a public key and private key on the signer’s environment. Share the public key with the message recipient.

key_request = requests.post(url + "/crypto_sign_keypair", headers)
keys = key_request.json().data
public_key = keys["publicKey"]
private_key = keys["privateKey"]

Signing and Verifying a Message

Create a message that will be shared between two parties

message = "This message will be signed"

Sign a message

Sign a message using the private key.

sign_body = {
    "message": message,
    "privateKey": private_key
}
sign_request = requests.post(url + "/crypto_sign", json=sign_body, headers)
signature = sign_request.json().data

Verify a message signature

On the recipient’s environment, verify the message was signed with the with the signer’s public key

verify_body = {
    "message": message,
    "signature": signature,
    "publicKey": public_key
}
verify_request = requests.post(url + "/crypto_sign_open", json=verify_body, headers)
verification = sign_request.json().data

print("verification succeded: " + str(verification))
# expect "verification succeded: true"