Exemple #1
0
def signcert():
  email = request.json.get("email")
  duration = request.json.get("certDuration")
  public_key = json.loads(request.json.get("publicKey"))

  if not email or not duration or not public_key or email != current_user.email:
    return abort(400)

  now = time.time()
  expiry_time = int(now + float(duration)) * 1000

  with open("key.json") as f:
    k = json.load(f)

  key = load_key("RS256", k)
  data = {
    "iss": app.config["DOMAIN"],
    "exp": expiry_time,
    "iat": int(now) * 1000,
    "public-key": public_key,
    "principal": {"email": current_user.email}
  }

  signed_data = generate(data, key)
  return jsonify(certificate=signed_data)
Exemple #2
0
    def check_signature_with_cert(self, cert, signed_data, signature,
                                  algorithm):
        data = json.loads(cert)
        try:
            cert = jwt.load_key(algorithm, data)
        except ValueError:
            return False

        return cert.verify(signed_data, signature)
Exemple #3
0
    def check_signature_with_cert(self, cert, signed_data, signature,
                                  algorithm):
        data = json.loads(cert)
        try:
            cert = jwt.load_key(algorithm, data)
        except ValueError:
            return False

        return cert.verify(signed_data, signature)
Exemple #4
0
    def check_signature(self, hostname, signed_data, signature, algorithm):
        data = self.supportdocs.get_key(hostname)

        try:
            cert = jwt.load_key(algorithm, data)
        except ValueError:
            return False

        return cert.verify(signed_data, signature)
Exemple #5
0
    def check_signature(self, hostname, signed_data, signature, algorithm):
        data = self.supportdocs.get_key(hostname)

        try:
            cert = jwt.load_key(algorithm, data)
        except ValueError:
            return False

        return cert.verify(signed_data, signature)