def decryptAndVerify(self, ciphertextPickle, senderPublic):
try:
if (ciphertextPickle):
decoded = pickle.loads(ciphertextPickle)
if (decoded):
signature = decoded[0]
content = decoded[1]
if (rsa.verify(content, signature, senderPublic)):
debug("crypt", "Message signature was verified. Decrypting..")
return rsa.decrypt(content, self.DRMPrivateKey)
else:
debug("crypt", "Message was empty. \"No Updates\"")
except Exception as e:
debug("crypt", "Error decrypting message. -> %s" % str(e))
# Load the keys
python类verify()的实例源码
def perform_operation(self, indata, pub_key, cli_args):
'''Decrypts files.'''
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def test_sign(self):
"""Test sign works."""
# rsa_pk = M2Crypto.RSA.gen_key(2048, 65537)
rsa_keys = rsa.newkeys(2048, 65537)
rsa_pk = rsa_keys[1]
rsa_pub = rsa_keys[0]
salt = 'salt'
data = {"flags": 8,
"name": "MyAwesomeVM",
"ram": 512,
"secret": "mg041na39123",
"userData": "[amiconfig]\nplugins=cernvm\n[cernvm]\nusers=user:users;password",
"vcpus": 1,
"version": "1.5"}
strBuffer = vmcp.calculate_buffer(data, salt)
with patch('rsa.PrivateKey.load_pkcs1', return_value=rsa_pk):
with patch('pybossa.vmcp.open', mock_open(read_data=''), create=True) as m:
out = vmcp.sign(data, salt, 'testkey')
err_msg = "There should be a key named signature"
assert out.get('signature'), err_msg
err_msg = "The signature should not be empty"
assert out['signature'] is not None, err_msg
assert out['signature'] != '', err_msg
err_msg = "The signature should be the same"
signature = base64.b64decode(out['signature'])
assert rsa.verify(strBuffer, signature, rsa_pub) == 1, err_msg
# The output must be convertible into json object
import json
assert_not_raises(Exception, json.dumps, out)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
'''Decrypts files.'''
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def validate(self, bucket, key, public_key, digest_data, inflated_digest):
"""Validates a digest file.
Throws a DigestError when the digest is invalid.
:param bucket: Bucket of the digest file
:param key: Key of the digest file
:param public_key: Public key bytes.
:param digest_data: Dict of digest data returned when JSON
decoding a manifest.
:param inflated_digest: Inflated digest file contents as bytes.
"""
try:
decoded_key = base64.b64decode(public_key)
public_key = rsa.PublicKey.load_pkcs1(decoded_key, format='DER')
to_sign = self._create_string_to_sign(digest_data, inflated_digest)
signature_bytes = binascii.unhexlify(digest_data['_signature'])
rsa.verify(to_sign, signature_bytes, public_key)
except PyAsn1Error:
raise DigestError(
('Digest file\ts3://%s/%s\tINVALID: Unable to load PKCS #1 key'
' with fingerprint %s')
% (bucket, key, digest_data['digestPublicKeyFingerprint']))
except rsa.pkcs1.VerificationError:
# Note from the Python-RSA docs: Never display the stack trace of
# a rsa.pkcs1.VerificationError exception. It shows where in the
# code the exception occurred, and thus leaks information about
# the key.
raise DigestSignatureError(bucket, key)
def setup_services(self, parsed_globals):
self._source_region = parsed_globals.region
# Use the the same region as the region of the CLI to get locations.
self.s3_client_provider = S3ClientProvider(
self._session, self._source_region)
client_args = {'region_name': parsed_globals.region,
'verify': parsed_globals.verify_ssl}
if parsed_globals.endpoint_url is not None:
client_args['endpoint_url'] = parsed_globals.endpoint_url
self.cloudtrail_client = self._session.create_client(
'cloudtrail', **client_args)
def verify(self, message, signature):
# assume we're dealing with a base64 encoded signature
signature = b64decode(signature.encode())
message = self.ensure_bytes(message)
# ensure we have a public key we can use use to verify
if not self._public_key:
raise Exception("Key object does not have public key defined, and thus cannot be used to verify.")
return self._verify(message, signature)
def _verify(self, message, signature):
try:
PYRSA.verify(message, signature, self._public_key)
return True
except PYRSA.pkcs1.VerificationError:
return False
def _verify(self, message, signature):
try:
self._public_key.verify(hashlib.sha256(message).digest(), signature, algo="sha256")
return True
except M2RSA.RSAError:
return False
def _verify(self, message, signature):
try:
self._public_key.verify(signature, message, crypto_padding.PKCS1v15(), crypto_hashes.SHA256())
return True
except crypto_exceptions.InvalidSignature:
return False
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def verify(self):
""" Verifies the signature of transaction
"""
try:
rsa.verify(self.message, self.signature, self.sender)
except VerificationError:
print("Verification failed", file=sys.stderr)
return False
return True
def verify(self):
acc = ''
for t in self.transactions:
acc += str(t.hash)
return int(sha256((str(self.nonce)+acc).encode('utf-8')).hexdigest()[0:6],16) < GAMER_BAWA
def perform_operation(self, indata, pub_key, cli_args):
'''Decrypts files.'''
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def appendMessage(self, message):
if (message):
self.messages.append(message)
return
# Keep hostlist, verify public keys, and invalidate hosts
# after a certain amount of time
def verifyTrustedSignature(self, data, signature):
result = False
try:
rsa.verify(data, signature, self.DRMTrustedKey)
result = True
except Exception as e:
debug("crypt", "Verifying the signature of the remote host's message. -> %s" % str(e))
return result
# Encrypt to recipient's public key, and sign with our private key
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
'''Decrypts files.'''
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
'''Decrypts files.'''
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
def perform_operation(self, indata, pub_key, cli_args):
"""Verifies files."""
signature_file = cli_args[1]
with open(signature_file, 'rb') as sigfile:
signature = sigfile.read()
try:
rsa.verify(indata, signature, pub_key)
except rsa.VerificationError:
raise SystemExit('Verification failed.')
print('Verification OK', file=sys.stderr)
