def _assert_correct_signature_algorithms(self, hash_algo, sig_algo):
        """Checks a signature's algorithm identifiers against the verifier's.

        Both identifiers are compared with the HASH_ALGORITHM and
        SIGNATURE_ALGORITHM constants of self.__sig_verifier. The hash
        algorithm is checked first, so when both differ only the hash
        mismatch is reported.

        Args:
        - hash_algo: Hash algorithm identifier claimed for the signature
          (formatted with %d in the error message).
        - sig_algo: Signature algorithm identifier claimed for the signature
          (formatted with %d in the error message).

        Returns:
        - True if both identifiers match the verifier's constants.

        Raises:
        - error.SignatureError: If either identifier does not match.
        """
        key_verifier = self.__sig_verifier

        expected_hash = key_verifier.HASH_ALGORITHM
        if hash_algo != expected_hash:
            # A signature whose claimed hash differs from the one bound to the
            # key is refused rather than verified under the claimed algorithm.
            raise error.SignatureError(
                "Hash algorithm used for the signature (%d) does not match the "
                "one used for the public key (%d)" % (hash_algo, expected_hash))

        expected_sig = key_verifier.SIGNATURE_ALGORITHM
        if sig_algo != expected_sig:
            raise error.SignatureError(
                "Signing algorithm used (%d) does not match the one used for "
                "the public key (%d)" % (sig_algo, expected_sig))

        return True
    def verify(self, signature_input, signature):
        """Checks an ECDSA SHA256 signature against the held public key.

        The signature is first passed to _ECDSASignature.decode and only then
        handed to the key's verify() with SHA-256 and DER signature decoding.

        Args:
        - signature_input: The data that was originally signed.
        - signature: A DER-encoded ECDSA SHA256 signature.

        Returns:
        - The result of the key's verify() call (True if the signature
          verifies).

        Raises:
        - error.EncodingError: If the signature encoding is invalid.
        - error.SignatureError: If the signature fails verification.
        """
        # NOTE(review): the messages below are passed to the error classes as
        # a format string plus separate arguments, not interpolated with %;
        # confirm that the error classes format their arguments.
        # NOTE(review): signature.encode("hex") is a Python 2 str codec; on
        # Python 3 bytes it raises AttributeError, which would replace the
        # intended error.
        try:
            # The decoded value is discarded; the call is made only so that a
            # malformed encoding raises. Presumably a stricter ASN.1 check
            # than sigdecode_der alone - confirm against _ECDSASignature.
            _ECDSASignature.decode(signature)
            verified = self.__key.verify(
                signature,
                signature_input,
                hashfunc=hashlib.sha256,
                sigdecode=ecdsa.util.sigdecode_der)
        except (ecdsa.der.UnexpectedDER, error.ASN1Error) as exc:
            raise error.EncodingError(
                "Invalid DER encoding for signature %s",
                signature.encode("hex"),
                exc)
        except ecdsa.keys.BadSignatureError:
            raise error.SignatureError(
                "Signature did not verify: %s", signature.encode("hex"))
        return verified
 def _verify(self, signature_input, signature):
     """Checks an ECDSA SHA256 signature with self.__pubkey.

     Args:
     - signature_input: The data that was originally signed.
     - signature: A DER-encoded ECDSA signature.

     Returns:
     - The result of the public key's verify() call.

     Raises:
     - error.EncodingError: If DER decoding raises ecdsa.der.UnexpectedDER.
     - error.SignatureError: If the signature fails verification.
     """
     # NOTE(review): encoding validation here rests entirely on
     # sigdecode_der, and only UnexpectedDER is mapped to EncodingError.
     # Any other exception raised while parsing a malformed signature will
     # propagate unchanged; how strict the parser is depends on the
     # installed python-ecdsa release - confirm the pinned version.
     # NOTE(review): the messages are passed as a format string plus a
     # separate argument, not interpolated; signature.encode("hex") is a
     # Python 2 idiom and fails on Python 3 bytes.
     try:
         outcome = self.__pubkey.verify(
             signature,
             signature_input,
             hashfunc=hashlib.sha256,
             sigdecode=ecdsa.util.sigdecode_der)
     except ecdsa.der.UnexpectedDER:
         raise error.EncodingError(
             "Invalid DER encoding for signature %s", signature.encode("hex"))
     except ecdsa.keys.BadSignatureError:
         raise error.SignatureError(
             "Signature did not verify: %s", signature.encode("hex"))
     return outcome
    def verify(self, signature_input, signature):
        """Checks an ECDSA SHA256 signature against the held public key.

        The return value of the key's verify() call is not used: failure is
        detected only through the InvalidSignature exception, and True is
        returned explicitly once the call completes without raising.

        Args:
        - signature_input: The data that was originally signed.
        - signature: An ECDSA SHA256 signature.

        Returns:
        - True if the signature verifies.

        Raises:
        - error.SignatureError: If the signature fails verification.
        """
        # NOTE(review): signature.encode("hex") is a Python 2 str codec; on
        # Python 3 bytes it raises AttributeError, which would replace the
        # SignatureError on the failure path.
        try:
            sha256_ecdsa = ec.ECDSA(hashes.SHA256())
            self.__key.verify(signature, signature_input, sha256_ecdsa)
        except cryptography.exceptions.InvalidSignature:
            raise error.SignatureError(
                "Signature did not verify: %s" % signature.encode("hex"))
        else:
            return True
    def verify(self, signature_input, signature):
        """Checks an RSA PKCS#1 v1.5 SHA256 signature against the held key.

        Args:
        - signature_input: The data that was originally signed.
        - signature: An RSA SHA256 signature.

        Returns:
        - True if the signature verifies.

        Raises:
        - error.SignatureError: If the signature fails verification.
        """
        # NOTE(review): the Crypto namespace is provided by both PyCrypto
        # (no longer maintained) and PyCryptodome; confirm which one is
        # installed.
        pkcs1_verifier = Crypto.Signature.PKCS1_v1_5.new(self.__key)
        digest = Crypto.Hash.SHA256.new(signature_input)

        # This API reports failure through a falsy return value, so the
        # result has to be tested; nothing is raised by the library here.
        if not pkcs1_verifier.verify(digest, signature):
            # NOTE(review): the message is passed as a format string plus a
            # separate argument, not interpolated; signature.encode("hex")
            # is a Python 2 idiom and fails on Python 3 bytes.
            raise error.SignatureError(
                "Signature did not verify: %s", signature.encode("hex"))
        return True