def from_base64(self, b64_claim: str, is_big_endian: bool = True):
try:
b64_head, b64_payload, b64_signature, b64_blk_proof = b64_claim.split(
'.')
except ValueError:
raise SDKException(ErrorCode.invalid_b64_claim_data)
self.__head = Header.from_base64(b64_head)
self.__payload = Payload.from_base64(b64_payload)
self.__signature = base64.b64decode(b64_signature)
self.__blk_proof = BlockchainProof(self.__sdk).from_base64(
b64_blk_proof, is_big_endian)
def validate_signature(self, b64_claim: str):
try:
b64_head, b64_payload, b64_signature, _ = b64_claim.split('.')
except ValueError:
raise SDKException(ErrorCode.invalid_b64_claim_data)
head = Header.from_base64(b64_head)
payload = Payload.from_base64(b64_payload)
signature = base64.b64decode(b64_signature)
kid = head.kid
iss_ont_id = payload.iss
msg = f'{b64_head}.{b64_payload}'.encode('ascii')
pk = ''
pub_keys = self.__sdk.native_vm.ont_id().get_public_keys(iss_ont_id)
if len(pub_keys) == 0:
raise SDKException(ErrorCode.invalid_claim_head_params)
for pk_info in pub_keys:
if kid == pk_info.get('PubKeyId', ''):
pk = pk_info.get('Value', '')
break
if pk == '':
raise SDKException(ErrorCode.invalid_b64_claim_data)
handler = SignatureHandler(head.alg)
result = handler.verify_signature(pk, msg, signature)
return result
def test_claim_head_b64(self):
self.assertEqual(
dict(self.claim_header),
dict(Header.from_base64(self.claim_header.to_base64())))