def deserialize_public_key(pem):
'''
Deserialize public key from ASCII.
'''
if not pem:
raise exc.missingKey("Missing pem data")
public_key = serialization.load_pem_public_key(
pem,
backend=default_backend())
return public_key
def decrypt(private_key, block):
'''
Decrypt the given block with the given private key. Return decrypted block.
'''
if not private_key:
raise exc.missingKey("Missing private key")
return private_key.decrypt(
block,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
def encrypt(public_key, block):
'''
Encrypt the given block with the given public key. Return encrypted block.
'''
if not public_key:
raise exc.missingKey("Missing public key")
return public_key.encrypt(
block,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
def sign(private_key, block):
'''
Sign the given block with the given private key.
'''
if not private_key:
raise exc.missingKey("Missing private key")
return private_key.sign(
block,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=padding.PSS.MAX_LENGTH),
hashes.SHA256())
def verify(public_key, block, signature):
'''
Verify the given block with the given public key.
'''
if not public_key:
raise exc.missingKey("Missing public key")
try:
signature = public_key.verify(
signature,
block,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=padding.PSS.MAX_LENGTH),
hashes.SHA256())
except InvalidSignature:
raise exc.BlockSignatureVerifyFailureException