main
Bob Mottram 2020-06-15 21:08:44 +01:00
parent d5f5a861d9
commit 6a74fcc7af
1 changed files with 9 additions and 9 deletions


@ -28,36 +28,36 @@ import base64
import json import json
def b64safeEncode(payload): def b64safeEncode(payload: {}) -> str:
""" """
b64 url safe encoding with the padding removed. b64 url safe encoding with the padding removed.
""" """
return base64.urlsafe_b64encode(payload).rstrip(b'=') return base64.urlsafe_b64encode(payload).rstrip(b'=')
def b64safeDecode(payload): def b64safeDecode(payload: {}) -> str:
""" """
b64 url safe decoding with the padding added. b64 url safe decoding with the padding added.
""" """
return base64.urlsafe_b64decode(payload + b'=' * (4 - len(payload) % 4)) return base64.urlsafe_b64decode(payload + b'=' * (4 - len(payload) % 4))
def normalizeJson(payload): def normalizeJson(payload: {}) -> str:
return json.dumps(payload, separators=(',', ':'), return json.dumps(payload, separators=(',', ':'),
sort_keys=True).encode('utf-8') sort_keys=True).encode('utf-8')
def signRs256(payload, private_key): def signRs256(payload: {}, privateKey: str) -> str:
""" """
Produce a RS256 signature of the payload Produce a RS256 signature of the payload
""" """
key = RSA.importKey(private_key) key = RSA.importKey(privateKey)
signer = PKCS1_v1_5.new(key) signer = PKCS1_v1_5.new(key)
signature = signer.sign(SHA256.new(payload)) signature = signer.sign(SHA256.new(payload))
return signature return signature
def verifyRs256(payload, signature, publicKeyPem): def verifyRs256(payload: {}, signature: str, publicKeyPem: str) -> bool:
""" """
Verifies a RS256 signature Verifies a RS256 signature
""" """
@ -66,7 +66,7 @@ def verifyRs256(payload, signature, publicKeyPem):
return verifier.verify(SHA256.new(payload), signature) return verifier.verify(SHA256.new(payload), signature)
def signJws(payload, private_key): def signJws(payload: {}, privateKey: str) -> str:
""" Prepare payload to sign """ Prepare payload to sign
""" """
header = { header = {
@ -78,14 +78,14 @@ def signJws(payload, private_key):
encodedHeader = b64safeEncode(normalizedJson) encodedHeader = b64safeEncode(normalizedJson)
preparedPayload = b'.'.join([encodedHeader, payload]) preparedPayload = b'.'.join([encodedHeader, payload])
signature = signRs256(preparedPayload, private_key) signature = signRs256(preparedPayload, privateKey)
encodedSignature = b64safeEncode(signature) encodedSignature = b64safeEncode(signature)
jwsSignature = b'..'.join([encodedHeader, encodedSignature]) jwsSignature = b'..'.join([encodedHeader, encodedSignature])
return jwsSignature return jwsSignature
def verifyJws(payload, jwsSignature, publicKeyPem: str): def verifyJws(payload: {}, jwsSignature: str, publicKeyPem: str) -> bool:
# remove the encoded header from the signature # remove the encoded header from the signature
encodedHeader, encodedSignature = jwsSignature.split(b'..') encodedHeader, encodedSignature = jwsSignature.split(b'..')
signature = b64safeDecode(encodedSignature) signature = b64safeDecode(encodedSignature)
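Review bot: The annotations added to these signatures do not match the values the bodies handle: `{}` is an empty dict instance rather than a type, and everything passed to `base64.urlsafe_b64encode`, `SHA256.new` and `b'.'.join` here is bytes, as are the results of `b64safeEncode`, `b64safeDecode`, `normalizeJson` (it ends in `.encode('utf-8')`) and `signRs256`. In signing code a `str` hint invites callers to pass text whose encoding was never fixed, so the byte-level helpers should read e.g. `def b64safeEncode(payload: bytes) -> bytes:` and `def verifyJws(payload: bytes, jwsSignature: bytes, publicKeyPem: str) -> bool:`, with `def normalizeJson(payload: dict) -> bytes:` for the one function that takes a mapping. Separately, `verifyJws` now promises `bool`, but `encodedHeader, encodedSignature = jwsSignature.split(b'..')` raises `ValueError` when the input does not contain exactly one `..`. A malformed signature therefore surfaces as an exception instead of `False`, unless that is handled in the part of the body outside this hunk or by the caller.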