def validate_signature(app_root, cert):
app_metadata_folder = os.path.join(app_root, META_DATA_FOLDER)
app_manifest_file = os.path.join(app_metadata_folder, MANIFEST_FILE)
signature_file = os.path.join(app_metadata_folder, SIGNATURE_FILE)
with open(signature_file, 'rb') as sf:
signature = sf.read()
checksum = file_checksum(hashlib.sha256,
file=app_manifest_file).encode('utf-8')
if cert:
try:
crypto.verify(cert, signature, checksum, 'sha256')
except Exception as e:
raise InvalidSignature('Invalid Signature: ' + e)
else:
if checksum != signature:
raise InvalidSignature('Invalid Signature')
评论列表
文章目录
