def compare_pubkey(o1):
if KeyType.from_pubkey(o1) == KeyType.SM2:
raise Exception("not supported")
elif KeyType.from_pubkey(o1) == KeyType.ECDSA:
x = o1[1:]
return util.string_to_number(x)
else:
return str(o1)
def compare_pubkey(pub_key: bytes):
if not isinstance(pub_key, bytes):
raise SDKException(ErrorCode.other_error('Invalid key.'))
if KeyType.from_pubkey(pub_key) == KeyType.SM2:
raise SDKException(ErrorCode.other_error('Unsupported key type'))
elif KeyType.from_pubkey(pub_key) == KeyType.ECDSA:
x = pub_key[1:]
return util.string_to_number(x)
else:
return str(pub_key)
def test_from_signature_scheme(self):
key_type = KeyType.from_signature_scheme(SignatureScheme.SM3withSM2)
self.assertTrue(key_type is KeyType.SM2)
ecdsa_scheme = [
SignatureScheme.SHA224withECDSA, SignatureScheme.SHA256withECDSA,
SignatureScheme.SHA384withECDSA, SignatureScheme.SHA384withECDSA,
SignatureScheme.SHA512withECDSA, SignatureScheme.SHA3_224withECDSA,
SignatureScheme.SHA3_256withECDSA,
SignatureScheme.SHA3_384withECDSA,
SignatureScheme.SHA3_512withECDSA,
SignatureScheme.RIPEMD160withECDSA
]
for scheme in ecdsa_scheme:
key_type = KeyType.from_signature_scheme(scheme)
self.assertTrue(key_type is KeyType.ECDSA)
def parse_pub_keys(ont_id: str, raw_pub_keys: str or bytes) -> list:
if isinstance(raw_pub_keys, str):
stream = StreamManager.get_stream(bytearray.fromhex(raw_pub_keys))
elif isinstance(raw_pub_keys, bytes):
stream = StreamManager.get_stream(raw_pub_keys)
else:
raise SDKException(ErrorCode.params_type_error('bytes or str parameter is required.'))
reader = BinaryReader(stream)
pub_keys = list()
while True:
try:
kid = f'{ont_id}#keys-{reader.read_int32()}'
bytes_key = reader.read_var_bytes()
hex_pub_key = bytes_key.hex()
if len(bytes_key) == 33:
key_info = dict(PubKeyId=kid, Type=KeyType.ECDSA.name, Curve=Curve.P256.name, Value=hex_pub_key)
else:
key_type = KeyType.from_label(bytes_key[0])
curve = Curve.from_label(bytes_key[1])
key_info = dict(PubKeyId=kid, Type=key_type, Curve=curve, Value=hex_pub_key)
pub_keys.append(key_info)
except SDKException as e:
if e.args[0] != 10001:
raise e
else:
break
return pub_keys
def verify_signature(self, public_key: bytearray, data: bytearray,
signature: bytearray):
key_type = KeyType.ECDSA
if len(public_key) == 33:
key_type = KeyType.ECDSA
elif len(public_key) == 35:
key_type = KeyType.from_label(public_key[0])
handler = SignatureHandler(key_type, SignatureScheme.SHA256withECDSA)
if key_type == KeyType.ECDSA:
handler = SignatureHandler(key_type,
SignatureScheme.SHA256withECDSA)
elif key_type == KeyType.SM2:
handler = SignatureHandler(key_type, SignatureScheme.SM3withSM2)
else:
raise Exception("unsupport key type")
return handler.verify_signature(public_key, data, signature)
def validate_signature(self, b64_claim: str):
try:
b64_head, b64_payload, b64_signature, _ = b64_claim.split('.')
except ValueError:
raise SDKException(ErrorCode.invalid_b64_claim_data)
head = Header.from_base64(b64_head)
payload = Payload.from_base64(b64_payload)
signature = base64.b64decode(b64_signature)
kid = head.kid
iss_ont_id = payload.iss
pub_keys = self.__sdk.native_vm.ont_id().get_public_keys(iss_ont_id)
if len(pub_keys) == 0:
return False
msg = f'{b64_head}.{b64_payload}'.encode('ascii')
result = False
for pk_info in pub_keys:
if kid == pk_info.get('PubKeyId', ''):
key_type = KeyType.from_str_type(pk_info.get('Type', ''))
pk = binascii.a2b_hex(pk_info.get('Value', ''))
handler = SignatureHandler(key_type, head.alg)
result = handler.verify_signature(pk, msg, signature)
break
return result
def parse_ddo(ont_id: str, ddo: str) -> dict:
if ddo == "":
return dict()
ms = StreamManager.GetStream(a2b_hex(ddo))
reader = BinaryReader(ms)
try:
publickey_bytes = reader.read_var_bytes()
except Exception as e:
raise e
try:
attribute_bytes = reader.read_var_bytes()
except Exception as e:
attribute_bytes = bytearray()
try:
recovery_bytes = reader.read_var_bytes()
except Exception as e:
recovery_bytes = bytearray()
pubKey_list = []
if len(publickey_bytes) != 0:
ms = StreamManager.GetStream(publickey_bytes)
reader2 = BinaryReader(ms)
while True:
try:
index = reader2.read_int32()
d = {}
d['PubKeyId'] = ont_id + "#keys-" + str(index)
pubkey = reader2.read_var_bytes()
if len(pubkey) == 33:
d["Type"] = KeyType.ECDSA.name
d["Curve"] = Curve.P256.name
d["Value"] = pubkey.hex()
else:
d["Type"] = KeyType.from_label(pubkey[0])
d["Curve"] = Curve.from_label(pubkey[1])
d["Value"] = pubkey.hex()
pubKey_list.append(d)
except Exception as e:
break
attribute_list = []
if len(attribute_bytes) != 0:
ms = StreamManager.GetStream(attribute_bytes)
reader2 = BinaryReader(ms)
while True:
try:
d = {}
key = reader2.read_var_bytes()
if len(key) == 0:
break
d["Key"] = str(key, 'utf-8')
d["Type"] = str(reader2.read_var_bytes(), 'utf-8')
d["Value"] = str(reader2.read_var_bytes(), 'utf-8')
attribute_list.append(d)
except Exception as e:
break
d2 = {}
d2["Owners"] = pubKey_list
d2["Attributes"] = attribute_list
if len(recovery_bytes) != 0:
addr = Address(recovery_bytes)
d2["Recovery"] = addr.b58encode()
d2["OntId"] = ont_id
return d2