def GetVerifierAlg(self, public_key): """Returns algorithm to use for verifying messages. Args: public_key: Public key to use to construct the algorithm. Returns: An algorithm object that can be used to sign byte sequences. """ # TODO(jpanzer): Massage public_key into appropriate format if needed. return magicsigalg.SignatureAlgRsaSha256(public_key)
def GetSigningAlg(self, signing_key): """Returns algorithm to use for signing messages. Args: signing_key: Keypair to use to construct the algorithm. Returns: An algorithm object that can be used to sign byte sequences. """ # TODO(jpanzer): Massage signing_key into appropriate format if needed. # Use standard test key if testing: if signing_key == 'TEST': signing_key = ( 'RSA.mVgY8RN6URBTstndvmUUPb4UZTdwvwmddSKE5z_jvKUEK6yk1' 'u3rrC9yN8k6FilGj9K0eeUPe2hf4Pj-5CmHww==' '.AQAB' '.Lgy_yL3hsLBngkFdDw1Jy9TmSRMiH6yihYetQ8jy-jZXdsZXd8V5' 'ub3kuBHHk4M39i3TduIkcrjcsiWQb77D8Q==') return magicsigalg.SignatureAlgRsaSha256(signing_key)
def Verify(self, env): """Verifies magic envelope data. Checks that its signature matches the contents and that the author's public key generated the signature. Args: env: The magic envelope data in dict form (section 3.1 of spec) Returns: True iff the signature is verified. """ assert env['alg'] == 'RSA-SHA256' assert env['encoding'] == self.ENCODING # Decode data to text and grab the author: text = base64.urlsafe_b64decode(env['data'].encode('utf-8')) signer_uri = self.GetSignerURI(text) verifier = magicsigalg.SignatureAlgRsaSha256( self.GetKeypair(signer_uri)) return verifier.Verify(env['data'], env['sig'])