def verify(self, msg, sig, key):
if sys.version < '3':
if safe_str_cmp(self.sign(msg, key), sig):
return True
elif constant_time_compare(self.sign(msg, key), sig):
return True
raise BadSignature(repr(sig))
def verify(self, msg, sig, key):
if sys.version < '3':
if safe_str_cmp(self.sign(msg, key), sig):
return True
elif constant_time_compare(self.sign(msg, key), sig):
return True
raise BadSignature(repr(sig))
def verify_cookie_signature(sig, key, *parts):
"""Constant time verifier for signatures
:param sig: The signature hexdigest to check
:type sig: text_type
:param key: The HMAC key to use.
:type key: bytes
:param parts: List of parts to include in the MAC
:type parts: list of bytes or strings
:raises: `InvalidCookieSign` when the signature is wrong
"""
assert isinstance(sig, text_type)
return safe_str_cmp(sig, cookie_signature(key, *parts))
def verify_cookie_signature(sig, key, *parts):
"""Constant time verifier for signatures
:param sig: The signature hexdigest to check
:type sig: text_type
:param key: The HMAC key to use.
:type key: bytes
:param parts: List of parts to include in the MAC
:type parts: list of bytes or strings
:raises: `InvalidCookieSign` when the signature is wrong
"""
assert isinstance(sig, text_type)
return safe_str_cmp(sig, cookie_signature(key, *parts))
def verify(self, msg, sig, key):
if not safe_str_cmp(self.sign(msg, key), sig):
raise BadSignature(repr(sig))
return
def verify(self, msg, sig, key):
if not safe_str_cmp(self.sign(msg, key), sig):
raise BadSignature(repr(sig))
return
def decrypt(self, token, key, context, debug=False):
"""
Does decryption according to the JWE proposal
draft-ietf-jose-json-web-encryption-06
:param token: The
:param key:
:return:
"""
b64_head, b64_jek, b64_iv, b64_ctxt, b64_tag = token.split(b".")
self.parse_header(b64_head)
iv = b64d(str(b64_iv))
if context == "private":
_decrypt = RSAEncrypter().private_decrypt
else:
_decrypt = RSAEncrypter().public_decrypt
jek = b64d(str(b64_jek))
if debug:
print >>sys.stderr, "enc_key", hd2ia(hexlify(jek))
_alg = self["alg"]
if _alg == "RSA-OAEP":
cek = _decrypt(jek, key, "pkcs1_oaep_padding")
elif _alg == "RSA1_5":
cek = _decrypt(jek, key)
else:
raise NotSupportedAlgorithm(_alg)
enc = self["enc"]
try:
assert enc in SUPPORTED["enc"]
except AssertionError:
raise NotSupportedAlgorithm(enc)
auth_data = b64_head
_ctxt = b64d(str(b64_ctxt))
_tag = b64d(str(b64_tag))
if enc == "A256GCM":
msg = gcm_decrypt(cek, iv, _ctxt, auth_data, _tag)
elif enc.startswith("A128CBC-") or enc.startswith("A256CBC-"):
enc, hashf = enc.split("-")
mac_key = cek[:16]
enc_key = cek[16:]
c = M2Crypto.EVP.Cipher(alg=ENC2ALG[enc], key=enc_key, iv=iv, op=DEC)
msg = aes_dec(c, _ctxt)
al = int2bigendian(len(auth_data) * 8)
while len(al) < 8:
al.insert(0, 0)
_inp = str(auth_data) + iv + _ctxt + intarr2str(al)
verifier = SIGNER_ALGS[hashf]
# Can't use the verify function directly since the tag I have only
# are the first 128 bits of the signature
if not safe_str_cmp(verifier.sign(_inp, mac_key)[:16], _tag):
raise BadSignature()
else:
raise MethodNotSupported(enc)
if "zip" in self and self["zip"] == "DEF":
msg = zlib.decompress(msg)
return msg
