def fake_get_verifier(context, cert_uuid, hash_method,
img_signature, key_type):
verifier = mock.Mock()
if (img_signature is not None and img_signature == 'VALID'):
verifier.verify.return_value = None
else:
ex = crypto_exception.InvalidSignature()
verifier.verify.side_effect = ex
return verifier
def fake_get_verifier(context, image_properties):
verifier = mock.Mock()
if (image_properties is not None and 'img_signature' in image_properties
and image_properties['img_signature'] == 'VALID'):
verifier.verify.return_value = None
else:
ex = crypto_exception.InvalidSignature()
verifier.verify.side_effect = ex
return verifier
def unsign(self, signed_value):
if self.sep not in signed_value:
raise exceptions.InvalidSignature('No "%s" found in value' %
self.sep)
timed_value, b64_sig = str(signed_value).rsplit(self.sep, 1)
value, b62_time = timed_value.rsplit(self.sep, 1)
signature = base64.urlsafe_b64decode(b64_sig)
signature_time = baseconv.base62.decode(b62_time)
now = time.time()
verify_value = '{salt}{sep}{value}'.format(salt=self.salt,
value=timed_value,
sep=self.sep)
self.public_key.verify(signature, verify_value, hashes.SHA256())
if now - signature_time > self.max_delta:
raise exceptions.InvalidSignature('Signature is too old.')
return value
