def fake_get_verifier(context, cert_uuid, hash_method, img_signature, key_type): verifier = mock.Mock() if (img_signature is not None and img_signature == 'VALID'): verifier.verify.return_value = None else: ex = crypto_exception.InvalidSignature() verifier.verify.side_effect = ex return verifier
def fake_get_verifier(context, image_properties): verifier = mock.Mock() if (image_properties is not None and 'img_signature' in image_properties and image_properties['img_signature'] == 'VALID'): verifier.verify.return_value = None else: ex = crypto_exception.InvalidSignature() verifier.verify.side_effect = ex return verifier
def unsign(self, signed_value): if self.sep not in signed_value: raise exceptions.InvalidSignature('No "%s" found in value' % self.sep) timed_value, b64_sig = str(signed_value).rsplit(self.sep, 1) value, b62_time = timed_value.rsplit(self.sep, 1) signature = base64.urlsafe_b64decode(b64_sig) signature_time = baseconv.base62.decode(b62_time) now = time.time() verify_value = '{salt}{sep}{value}'.format(salt=self.salt, value=timed_value, sep=self.sep) self.public_key.verify(signature, verify_value, hashes.SHA256()) if now - signature_time > self.max_delta: raise exceptions.InvalidSignature('Signature is too old.') return value