def _verify_single(self, token, verifying_key):
"""
Verify a compact-formatted JWT signed by a single key
Return True if authentic
Return False if not
"""
# grab the token parts
header, payload, raw_signature, signing_input = _unpack_token_compact(token)
# load the verifying key
verifying_key = load_verifying_key(verifying_key, self.crypto_backend)
# convert the raw_signature to DER format
der_signature = raw_to_der_signature(
raw_signature, verifying_key.curve)
# initialize the verifier
verifier = self._get_verifier(verifying_key, der_signature)
verifier.update(signing_input)
# check to see whether the signature is valid
try:
verifier.verify()
except InvalidSignature:
# raise DecodeError('Signature verification failed')
return False
return True
评论列表
文章目录
