def GetVerifierAlg(self, public_key):
"""Returns algorithm to use for verifying messages.
Args:
public_key: Public key to use to construct the algorithm.
Returns:
An algorithm object that can be used to sign byte sequences.
"""
# TODO(jpanzer): Massage public_key into appropriate format if needed.
return magicsigalg.SignatureAlgRsaSha256(public_key)
def GetSigningAlg(self, signing_key):
"""Returns algorithm to use for signing messages.
Args:
signing_key: Keypair to use to construct the algorithm.
Returns:
An algorithm object that can be used to sign byte sequences.
"""
# TODO(jpanzer): Massage signing_key into appropriate format if needed.
# Use standard test key if testing:
if signing_key == 'TEST':
signing_key = (
'RSA.mVgY8RN6URBTstndvmUUPb4UZTdwvwmddSKE5z_jvKUEK6yk1'
'u3rrC9yN8k6FilGj9K0eeUPe2hf4Pj-5CmHww=='
'.AQAB'
'.Lgy_yL3hsLBngkFdDw1Jy9TmSRMiH6yihYetQ8jy-jZXdsZXd8V5'
'ub3kuBHHk4M39i3TduIkcrjcsiWQb77D8Q==')
return magicsigalg.SignatureAlgRsaSha256(signing_key)
def Verify(self, env):
"""Verifies magic envelope data.
Checks that its signature matches the contents and that the
author's public key generated the signature.
Args:
env: The magic envelope data in dict form (section 3.1 of spec)
Returns:
True iff the signature is verified.
"""
assert env['alg'] == 'RSA-SHA256'
assert env['encoding'] == self.ENCODING
# Decode data to text and grab the author:
text = base64.urlsafe_b64decode(env['data'].encode('utf-8'))
signer_uri = self.GetSignerURI(text)
verifier = magicsigalg.SignatureAlgRsaSha256(
self.GetKeypair(signer_uri))
return verifier.Verify(env['data'], env['sig'])