Example #1
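    def check_sig(*args, **kwargs):
        """Verify the request's signature before calling the wrapped handler.

        Reads the hex-encoded signature from the ``x-signature`` header and the
        hex-encoded DER public key from the ``x-identity`` header, then checks
        the signature over ``str(request.url) + str(request.data)``.

        Returns the result of ``f(*args, **kwargs)`` when the signature
        verifies; otherwise a JSON error response (400 for a missing or
        malformed header, 401 for a signature that does not verify).

        NOTE(review): the verifying key is supplied by the caller in
        ``x-identity``, so a valid signature only shows that the sender holds
        the matching private key. Nothing in this function compares the key
        against a set of known identities -- confirm that ``f`` or another
        layer does.
        NOTE(review): the signed message covers the URL and body only; no
        method, timestamp or nonce is included, so this check by itself does
        not reject a replayed request.
        """
        request_id = get_id()

        sig = request.headers.get('x-signature')
        if not sig:
            log.info('No x-signature header present, Signature Check Failed [ID: %s]' % request_id)
            return create_json_response(False, 'Missing x-signature header', 400)

        identity_hex = request.headers.get('x-identity')
        if not identity_hex:
            # Without this guard a missing header reaches .decode() as None and
            # surfaces as an unhandled AttributeError instead of a 400.
            log.info('No x-identity header present, Signature Check Failed [ID: %s]' % request_id)
            return create_json_response(False, 'Missing x-identity header', 400)

        try:
            # Python 2 'hex' codec raises TypeError on odd-length or non-hex input.
            identity_der = identity_hex.decode('hex')
        except TypeError as e:
            log.info('Bad Key Format [ID: %s]: %s' % (request_id, str(e)))
            return create_json_response(False, 'Bad Public Key Format', 400)

        try:
            vk = VerifyingKey.from_der(identity_der)
        except UnexpectedDER as e:
            log.info('Bad Key Format [ID: %s]: %s' % (request_id, str(e)))
            return create_json_response(False, 'Bad Public Key Format', 400)

        try:
            sig_bytes = sig.decode('hex')
        except TypeError as e:
            # A signature header that is not valid hex cannot verify; answer
            # with the same 401 as any other failed verification.
            log.info('Bad Signature Encountered During Signature Validation [ID: %s]: %s' % (request_id, str(e)))
            return create_json_response(False, 'Signature Verification Error', 401)

        try:
            verified = vk.verify(sig_bytes, str(request.url) + str(request.data))
        except BadDigestError as e:
            log.info('Digest Error During Signature Validation [ID: %s]: %s' % (request_id, str(e)))
            return create_json_response(False, 'Signature Verification Error', 401)
        except BadSignatureError as e:
            log.info('Bad Signature Encountered During Signature Validation [ID: %s]: %s' % (request_id, str(e)))
            return create_json_response(False, 'Signature Verification Error', 401)

        # A falsy result is treated as a failed verification.
        if not verified:
            return create_json_response(False, 'Signature Verification Error', 401)

        # The handler runs outside the try so its own exceptions are not
        # reported as signature failures.
        return f(*args, **kwargs)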
Example #2
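    def check_sig(*args, **kwargs):
        """Verify the request's signature before calling the wrapped handler.

        Reads the hex-encoded signature from ``x-signature`` and the hex-encoded
        public key from ``x-identity``. The key is parsed with ``from_sec``
        first and, if that returns a falsy value, with
        ``VerifyingKey.from_der``. The signature is checked with SHA-256 and
        DER signature decoding over
        ``str(request.method) + hostname + request.path + str(request.data)``.

        Returns the result of ``f(*args, **kwargs)`` when the signature
        verifies; otherwise a JSON error response (400 for a missing or
        malformed header, 401 for a signature that does not verify).

        NOTE(review): the verifying key is supplied by the caller in
        ``x-identity``, so a valid signature only shows that the sender holds
        the matching private key. Nothing in this function compares the key
        against a set of known identities -- confirm that ``f`` or another
        layer does.
        NOTE(review): the signed message is built from the hostname and
        ``request.path``; scheme and port are dropped, and if ``request`` is a
        Flask/Werkzeug request the query string is not part of ``path`` and so
        would not be covered by the signature -- confirm. No timestamp or nonce
        is included, so this check by itself does not reject a replayed
        request.
        """
        request_id = get_id()

        sig = request.headers.get('x-signature')
        if not sig:
            log.info('No x-signature header present, Signature Check Failed [ID: %s]' % request_id)
            return create_json_response(False, 'Missing x-signature header', 400)

        identity_hex = request.headers.get('x-identity')
        if not identity_hex:
            # Without this guard a missing header reaches .decode() as None and
            # surfaces as an unhandled AttributeError instead of a 400.
            log.info('No x-identity header present, Signature Check Failed [ID: %s]' % request_id)
            return create_json_response(False, 'Missing x-identity header', 400)

        try:
            # Python 2 'hex' codec raises TypeError on odd-length or non-hex input.
            xidentity = identity_hex.decode('hex')
        except TypeError as e:
            log.info('Bad Key Format [ID: %s]: %s' % (request_id, str(e)))
            return create_json_response(False, 'Bad Public Key Format', 400)

        try:
            # from_sec is defined elsewhere; presumably it parses an SEC-encoded
            # point and returns a falsy value when it cannot -- TODO confirm.
            vk = from_sec(xidentity) or VerifyingKey.from_der(xidentity)
        except UnexpectedDER as e:
            log.info('Bad Key Format [ID: %s]: %s' % (request_id, str(e)))
            return create_json_response(False, 'Bad Public Key Format', 400)

        url = urlparse(request.url).hostname.rstrip('/') + request.path
        message = str(request.method) + str(url) + str(request.data)

        try:
            sig_bytes = sig.decode('hex')
        except TypeError as e:
            # A signature header that is not valid hex cannot verify; answer
            # with the same 401 as any other failed verification.
            log.info('Bad Signature Encountered During Signature Validation [ID: %s]: %s' % (request_id, str(e)))
            return create_json_response(False, 'Signature Verification Error', 401)

        try:
            verified = vk.verify(sig_bytes, message, hashfunc=sha256, sigdecode=sigdecode_der)
        except BadDigestError as e:
            log.info('Digest Error During Signature Validation [ID: %s]: %s' % (request_id, str(e)))
            return create_json_response(False, 'Signature Verification Error', 401)
        except BadSignatureError as e:
            log.info('Bad Signature Encountered During Signature Validation [ID: %s]: %s' % (request_id, str(e)))
            return create_json_response(False, 'Signature Verification Error', 401)

        # A falsy result is treated as a failed verification.
        if not verified:
            return create_json_response(False, 'Signature Verification Error', 401)

        # The handler runs outside the try so its own exceptions are not
        # reported as signature failures.
        return f(*args, **kwargs)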
Example #3
    def _eddsa_pubkey_parsing(self, subject_public_key_info):
        """
        Build the EdDSA public key object from its DER encoding.

        The parsed key is wrapped with ``_create_public_eddsa_key`` and stored
        in ``self.publicKey``.

        :param subject_public_key_info: bytes like object with the DER encoded
            public key in it
        :raises SyntaxError: if anything fails while parsing the key; the
            original exception's details are not put in the message
        """
        try:
            # Parsing is delegated to python ecdsa, which already knows how
            # to handle the curve OIDs.
            der_bytes = compatHMAC(subject_public_key_info)
            verifying_key = VerifyingKey.from_der(der_bytes)
        except Exception:
            raise SyntaxError("Malformed or unsupported public key in "
                              "certificate")
        else:
            self.publicKey = _create_public_eddsa_key(verifying_key)