neuralqx.utils.misc.auth module

Authenticator utility for signing and verifying neuraLQX HTML output logs.

Supports both: - Legacy format: <p id=”rd”>…, <p id=”sgn”>…, <p id=”pk”>… - New UI format: <script id=”nqx-data” type=”application/json”>… plus <p id=”sgn”> and <p id=”pk”>

The recommended API is:

Authenticator.verify_file(path) -> (ok: bool, payload_str: str, error: str|None)

A legacy-compatible verify_signature(path) is kept, which prints results.

class VerificationResult(ok, payload, signature_b64, public_key_pem, error=None, format='unknown')

Bases: object

error: str | None = None

format: str = 'unknown'

class Authenticator

Bases: object

static generate_key_pair()

static sign_data(private_key, data)

Return type:

str

static extract_from_html(html_text)

Return type:

Tuple[str, str, str, str]

static verify_payload(payload, signature_b64, public_key_pem)

Return type:

VerificationResult

static verify_file(path)

Return type:

VerificationResult

static verify_signature(path)

Return type:

None

get_hash()

Generate a short unique identifier suitable for tagging outputs.

The identifier is built from: - a 6-hex-character prefix derived from a UUID4, and - a 10-hex-character cryptographic token (5 bytes) from secrets.token_hex.

The two components are joined with a hyphen, e.g. "a1b2c3-7f3a9c12de".

Returns:

A short unique string identifier.