mirror of https://gitlab.com/bashrc2/epicyon
Tidying
parent
d5f5a861d9
commit
6a74fcc7af
18
jsonldsig.py
18
jsonldsig.py
|
@ -28,36 +28,36 @@ import base64
|
||||||
import json
|
import json
|
||||||
|
|
||||||
|
|
||||||
def b64safeEncode(payload):
|
def b64safeEncode(payload: {}) -> str:
|
||||||
"""
|
"""
|
||||||
b64 url safe encoding with the padding removed.
|
b64 url safe encoding with the padding removed.
|
||||||
"""
|
"""
|
||||||
return base64.urlsafe_b64encode(payload).rstrip(b'=')
|
return base64.urlsafe_b64encode(payload).rstrip(b'=')
|
||||||
|
|
||||||
|
|
||||||
def b64safeDecode(payload):
|
def b64safeDecode(payload: {}) -> str:
|
||||||
"""
|
"""
|
||||||
b64 url safe decoding with the padding added.
|
b64 url safe decoding with the padding added.
|
||||||
"""
|
"""
|
||||||
return base64.urlsafe_b64decode(payload + b'=' * (4 - len(payload) % 4))
|
return base64.urlsafe_b64decode(payload + b'=' * (4 - len(payload) % 4))
|
||||||
|
|
||||||
|
|
||||||
def normalizeJson(payload):
|
def normalizeJson(payload: {}) -> str:
|
||||||
return json.dumps(payload, separators=(',', ':'),
|
return json.dumps(payload, separators=(',', ':'),
|
||||||
sort_keys=True).encode('utf-8')
|
sort_keys=True).encode('utf-8')
|
||||||
|
|
||||||
|
|
||||||
def signRs256(payload, private_key):
|
def signRs256(payload: {}, privateKey: str) -> str:
|
||||||
"""
|
"""
|
||||||
Produce a RS256 signature of the payload
|
Produce a RS256 signature of the payload
|
||||||
"""
|
"""
|
||||||
key = RSA.importKey(private_key)
|
key = RSA.importKey(privateKey)
|
||||||
signer = PKCS1_v1_5.new(key)
|
signer = PKCS1_v1_5.new(key)
|
||||||
signature = signer.sign(SHA256.new(payload))
|
signature = signer.sign(SHA256.new(payload))
|
||||||
return signature
|
return signature
|
||||||
|
|
||||||
|
|
||||||
def verifyRs256(payload, signature, publicKeyPem):
|
def verifyRs256(payload: {}, signature: str, publicKeyPem: str) -> bool:
|
||||||
"""
|
"""
|
||||||
Verifies a RS256 signature
|
Verifies a RS256 signature
|
||||||
"""
|
"""
|
||||||
|
@ -66,7 +66,7 @@ def verifyRs256(payload, signature, publicKeyPem):
|
||||||
return verifier.verify(SHA256.new(payload), signature)
|
return verifier.verify(SHA256.new(payload), signature)
|
||||||
|
|
||||||
|
|
||||||
def signJws(payload, private_key):
|
def signJws(payload: {}, privateKey: str) -> str:
|
||||||
""" Prepare payload to sign
|
""" Prepare payload to sign
|
||||||
"""
|
"""
|
||||||
header = {
|
header = {
|
||||||
|
@ -78,14 +78,14 @@ def signJws(payload, private_key):
|
||||||
encodedHeader = b64safeEncode(normalizedJson)
|
encodedHeader = b64safeEncode(normalizedJson)
|
||||||
preparedPayload = b'.'.join([encodedHeader, payload])
|
preparedPayload = b'.'.join([encodedHeader, payload])
|
||||||
|
|
||||||
signature = signRs256(preparedPayload, private_key)
|
signature = signRs256(preparedPayload, privateKey)
|
||||||
encodedSignature = b64safeEncode(signature)
|
encodedSignature = b64safeEncode(signature)
|
||||||
jwsSignature = b'..'.join([encodedHeader, encodedSignature])
|
jwsSignature = b'..'.join([encodedHeader, encodedSignature])
|
||||||
|
|
||||||
return jwsSignature
|
return jwsSignature
|
||||||
|
|
||||||
|
|
||||||
def verifyJws(payload, jwsSignature, publicKeyPem: str):
|
def verifyJws(payload: {}, jwsSignature: str, publicKeyPem: str) -> bool:
|
||||||
# remove the encoded header from the signature
|
# remove the encoded header from the signature
|
||||||
encodedHeader, encodedSignature = jwsSignature.split(b'..')
|
encodedHeader, encodedSignature = jwsSignature.split(b'..')
|
||||||
signature = b64safeDecode(encodedSignature)
|
signature = b64safeDecode(encodedSignature)
|
||||||
|
|
Loading…
Reference in New Issue