def verify_archive(self, dest):
self.assertTrue(os.path.exists(dest))
self.assertTrue(zipfile.is_zipfile(dest))
with zipfile.ZipFile(dest) as archive:
files = archive.namelist()
member = archive.extract(self.obj_sha256)
sig_fn = archive.extract('signature')
metadata_fn = archive.extract('metadata')
self.addCleanup(os.remove, member)
self.addCleanup(os.remove, sig_fn)
self.addCleanup(os.remove, metadata_fn)
self.assertEqual(len(files), 3)
self.assertIn(self.obj_sha256, files)
self.assertFalse(os.path.islink(member))
with open(metadata_fn) as fp:
message = SHA256.new(fp.read().encode())
with open(sig_fn) as fp:
signature = base64.b64decode(fp.read())
verifier = PKCS1_v1_5.new(self.private_key)
self.assertTrue(verifier.verify(message, signature))
评论列表
文章目录
