def verifySignature(self, msg: Dict[str, str]):
signature = msg.get(f.SIG.nm)
identifier = msg.get(IDENTIFIER)
msgWithoutSig = {k: v for k, v in msg.items() if k != f.SIG.nm}
# TODO This assumes the current key is the cryptonym. This is a BAD
# ASSUMPTION!!! Sovrin needs to provide the current key.
ser = serializeMsg(msgWithoutSig)
signature = b58decode(signature.encode())
typ = msg.get(TYPE)
# TODO: Maybe keeping ACCEPT_INVITE open is a better option than keeping
# an if condition here?
if typ == ACCEPT_INVITE:
verkey = msg.get(VERKEY)
else:
try:
link = self.getLinkForMsg(msg)
verkey = self.getVerkeyForLink(link)
except (LinkNotFound, VerkeyNotFound):
# This is for verification of `NOTIFY` events
link = self.wallet.getLinkBy(remote=identifier)
# TODO: If verkey is None, it should be fetched from Sovrin.
# Assuming CID for now.
verkey = link.remoteVerkey
v = DidVerifier(verkey, identifier=identifier)
if not v.verify(signature, ser):
raise SignatureRejected
else:
if typ == ACCEPT_INVITE:
self.logger.info('Signature accepted.')
return True
评论列表
文章目录
