Ejemplo n.º 1
0
 def verify(self, message: bytes, signature: bytes, key: rsa.RSAPublicKey):
     try:
         key.verify(signature, message,
                    padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH),
                    hashes.SHA256())
         return True
     except InvalidSignature:
         return False
Ejemplo n.º 2
0
 def verify(self, key: rsa.RSAPublicKey, msg: bytes, sig: bytes) -> bool:
     """Verify the ``msg` and ``sig`` using ``key``."""
     try:
         key.verify(sig, msg, self.padding, self.hash)
     except cryptography.exceptions.InvalidSignature as error:
         logger.debug(error, exc_info=True)
         return False
     else:
         return True
Ejemplo n.º 3
0
 def verify(sig, data, pkey: rsa.RSAPublicKey):
     """Verify that the signature `sig` is valid for data `data` and public key `pkey`.
     Returns True if the signature is valid, False otherwise."""
     try:
         pkey.verify(sig, data, padding.PKCS1v15(),
                     utils.Prehashed(hashes.MD5()))
     except InvalidSignature:
         return False
     return True
Ejemplo n.º 4
0
def check_certificate_against_public_key(
    cert: Certificate,
    public_key: RSAPublicKey,
) -> None:
    # Check if the signature of the certificate matches the public key
    public_key.verify(
        cert.signature,
        cert.tbs_certificate_bytes,
        PKCS1v15(),
        SHA256(),
    )
Ejemplo n.º 5
0
Archivo: jwt.py Proyecto: jonpet6/STPP
def _verify_bytes(public_key: RSAPublicKey, signature: bytes,
                  data: bytes) -> None:
    """
	Raises
	-------
	cryptography.exceptions.InvalidSignature
	"""
    public_key.verify(
        signature, data,
        padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                    salt_length=padding.PSS.MAX_LENGTH), hashes.SHA256())
Ejemplo n.º 6
0
 def verify(self, msg: str, signed: str, public_key: RSAPublicKey) -> bool:
     try:
         public_key.verify(binascii.a2b_base64(signed),
                           msg.encode("ascii"),
                           padding=padding.PSS(
                               mgf=padding.MGF1(hashes.SHA256()),
                               salt_length=padding.PSS.MAX_LENGTH),
                           algorithm=hashes.SHA256())
     except InvalidSignature:
         return False
     return True
Ejemplo n.º 7
0
    def assertValidSignature(self, public_key: rsa.RSAPublicKey,
                             signed_base64: str, message: bytes):
        from cryptography.hazmat.primitives import hashes
        from cryptography.hazmat.primitives.asymmetric import padding, utils
        import base64
        import hashlib

        digest = hashlib.sha256(message).digest()

        # si la firma es invalida, este metodo arroja una excepcion
        public_key.verify(base64.b64decode(signed_base64), digest,
                          padding.PKCS1v15(), utils.Prehashed(hashes.SHA256()))

        self.assertTrue(True)
Ejemplo n.º 8
0
    def verify_signature(public_key: RSAPublicKey, signature: bytes,
                         data: bytes) -> None:
        """Verfies the supplied signature.

        Args:
            public_key: RSA public key with which the verification is done.
            signature: The signature to verify.
            data: The message that was signed.

        Raises:
            InvalidSignature if signature is not valid.
        """
        public_key.verify(
            signature,
            data,
            padding.PKCS1v15(),
            hashes.SHA256(),
        )
Ejemplo n.º 9
0
 def verify_message(self, msg: bytes, signature: bytes,
                    public_key: RSAPublicKey) -> bool:
     """
     Checks message signature
     :param msg: message
     :param signature: message's signature
     :param public_key: sender's public key
     :return: true if signature is correct, false otherwise
     """
     try:
         public_key.verify(signature=signature,
                           data=msg,
                           padding=padding.PSS(
                               mgf=padding.MGF1(hashes.SHA256()),
                               salt_length=padding.PSS.MAX_LENGTH),
                           algorithm=hashes.SHA256())
     except InvalidSignature:
         return False
     return True
Ejemplo n.º 10
0
    def verify(cert: "X509Certificate", public_key: rsa.RSAPublicKey) -> bool:
        """
        return weither the certificate is valid or not
        """
        try:
            public_key.verify(
                cert._certificate.signature,
                cert._certificate.tbs_certificate_bytes,
                padding.PKCS1v15(),
                cert._certificate.signature_hash_algorithm,
            )
        except InvalidSignature as e:
            print("InvalidSignature")
            return False

        today = datetime.datetime.today()
        if (cert._certificate.not_valid_after < today
                or cert._certificate.not_valid_before > today):
            print("Certificate out of date")
            return False
        return True
Ejemplo n.º 11
0
def verify(public_key: rsa.RSAPublicKey, msg: bytes, signature: bytes) -> bool:
    """
    Verifies the authenticity of a signed transmission.

    :param public_key: The public key to verify the signature against.
    :type public_key: :class:`rsa.RSAPublicKey`
    :param msg: The signed message.
    :type msg: `bytes`
    :param signature: The signature.
    :type signature: `bytes`
    :returns: True if the signature was verified, False otherwise.
    :rtype: `bool`
    """
    try:
        public_key.verify(signature, msg, padding.PSS(
            mgf=padding.MGF1(hashes.SHA256()),
            salt_length=padding.PSS.MAX_LENGTH),
            hashes.SHA256())
        return True
    except InvalidSignature:
        return False
Ejemplo n.º 12
0
        def get_rsa_verifier(pub_key: rsa.RSAPublicKey):
            if sigAlgo.signature_algo == 'rsassa_pss':
                sig_algo_params = sigAlgo['parameters']
                assert 'mask_gen_algorithm' in sig_algo_params
                assert 'salt_length' in sig_algo_params

                mgf = sig_algo_params['mask_gen_algorithm']['algorithm'].native
                if 'mgf1' != mgf:
                    raise ValueError(
                        "Invalid mask generation algorithm: {}".format(mgf))

                mgf1_hash_algo = sig_algo_params['mask_gen_algorithm'][
                    'parameters']['algorithm'].native
                mgf1_hash_algo = algo_utils.get_hash_algo_by_name(
                    mgf1_hash_algo)
                return Verifier(lambda: pub_key.verify(
                    signature, message,
                    padding.PSS(mgf=padding.MGF1(mgf1_hash_algo),
                                salt_length=sig_algo_params['salt_length'].
                                native), hash_algo))
            else:
                return Verifier(lambda: pub_key.verify(
                    signature, message, padding.PKCS1v15(), hash_algo))
Ejemplo n.º 13
0
 def verify(self, plaintext: bytes, signature, otherkey: rsa.RSAPublicKey):
     otherkey.verify(
         signature, plaintext,
         apadding.PSS(mgf=apadding.MGF1(hashes.SHA256()),
                      salt_length=apadding.PSS.MAX_LENGTH), hashes.SHA256())