
/gdata/oauth/rsa.py

http://radioappz.googlecode.com/
  1#!/usr/bin/python
  2
  3"""
  4requires tlslite - http://trevp.net/tlslite/
  5
  6"""
  7
  8import binascii
  9
 10from gdata.tlslite.utils import keyfactory
 11from gdata.tlslite.utils import cryptomath
 12
 13# XXX andy: ugly local import due to module name, oauth.oauth
 14import gdata.oauth as oauth
 15
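class OAuthSignatureMethod_RSA_SHA1(oauth.OAuthSignatureMethod):
  """OAuth signature method "RSA-SHA1", built on tlslite key objects.

  The class itself carries no key material. Subclasses provide it by
  overriding _fetch_public_cert (verification) and _fetch_private_cert
  (signing); both raise NotImplementedError here.

  Security notes for implementers:
    * The result of check_signature is only as trustworthy as the source
      of the PEM returned by _fetch_public_cert. That key has to be bound
      to the consumer identity out of band, not chosen by the request.
    * The method name fixes the digest to SHA-1, which is no longer
      recommended for new signature schemes; prefer a stronger method
      where both parties support one.
  """

  def get_name(self):
    """Return the signature method name, "RSA-SHA1"."""
    return "RSA-SHA1"

  def _fetch_public_cert(self, oauth_request):
    """Return the PEM text used to verify oauth_request (not implemented).

    Raises:
      NotImplementedError: always; subclasses must override.
    """
    # not implemented yet, ideas are:
    # (1) do a lookup in a table of trusted certs keyed off of consumer
    # (2) fetch via http using a url provided by the requester
    # (3) some sort of specific discovery code based on request
    #
    # either way should return a string representation of the certificate
    #
    # Caveat on (2) and (3): a key located through requester-controlled
    # input lets the requester pick the key its own signature is checked
    # against, and turns the verifier into a client for arbitrary URLs.
    # Only (1), or a fetch restricted to pre-registered locations whose
    # result is validated against a trust anchor, keeps the check meaningful.
    raise NotImplementedError

  def _fetch_private_cert(self, oauth_request):
    """Return the PEM private key used to sign oauth_request (not implemented).

    Raises:
      NotImplementedError: always; subclasses must override.
    """
    # not implemented yet, ideas are:
    # (1) do a lookup in a table of trusted certs keyed off of consumer
    #
    # either way should return a string representation of the certificate
    #
    # The private key should come from protected storage (restricted file
    # permissions, a secrets store or an HSM), not from source code.
    raise NotImplementedError

  def build_signature_base_string(self, oauth_request, consumer, token):
    """Build the string that is signed and verified.

    The escaped HTTP method, URL and normalized parameters are joined
    with '&'. consumer and token are accepted for interface compatibility
    but are not used in this block.

    Returns:
      A (key, raw) tuple; key is always the empty string here and raw is
      the base string.
    """
    sig = (
        oauth.escape(oauth_request.get_normalized_http_method()),
        oauth.escape(oauth_request.get_normalized_http_url()),
        oauth.escape(oauth_request.get_normalized_parameters()),
    )
    key = ''
    raw = '&'.join(sig)
    return key, raw

  def build_signature(self, oauth_request, consumer, token):
    """Sign the request's base string and return the base64 signature.

    Returns:
      The signature, base64-encoded, without the trailing newline that
      binascii.b2a_base64 appends.
    """
    _unused_key, base_string = self.build_signature_base_string(
        oauth_request, consumer, token)

    # Fetch the private key cert based on the request
    cert = self._fetch_private_cert(oauth_request)

    # Pull the private key from the certificate
    privatekey = keyfactory.parsePrivateKey(cert)

    # Sign using the key. hashAndSign is tlslite's; presumably it hashes
    # with SHA-1 as the method name implies -- confirm against the bundled
    # tlslite.
    signed = privatekey.hashAndSign(base_string)

    return binascii.b2a_base64(signed)[:-1]

  def check_signature(self, oauth_request, consumer, token, signature):
    """Verify a base64 signature over the request's base string.

    Args:
      signature: base64 text taken from the incoming request; treated as
        untrusted input.

    Returns:
      The result of the key's hashAndVerify call, or False when the
      signature is not decodable base64.
    """
    # The original called base64.b64decode, but this module only imports
    # binascii, so every verification ended in a NameError. Decode with
    # binascii instead, and report undecodable input as "not valid"
    # rather than letting a malformed request raise.
    try:
      decoded_sig = binascii.a2b_base64(signature)
    except (binascii.Error, TypeError, ValueError):
      return False

    _unused_key, base_string = self.build_signature_base_string(
        oauth_request, consumer, token)

    # Fetch the public key cert based on the request
    cert = self._fetch_public_cert(oauth_request)

    # Pull the public key from the certificate
    # NOTE(review): parsePEMKey receives whatever _fetch_public_cert
    # returns; confirm that it accepts an X.509 certificate PEM and not
    # only a bare public key block. Parsing alone does not validate the
    # certificate's issuer or validity period -- nothing in this method
    # checks them.
    publickey = keyfactory.parsePEMKey(cert, public=True)

    # Check the signature
    return publickey.hashAndVerify(decoded_sig, base_string)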
 82
 83
 84class TestOAuthSignatureMethod_RSA_SHA1(OAuthSignatureMethod_RSA_SHA1):
  def _fetch_public_cert(self, oauth_request):
    """Return the fixed PEM test certificate; oauth_request is ignored.

    Test fixture only: this class answers every request with the same
    embedded certificate, and its _fetch_private_cert returns an embedded
    private key in the same way. Key material published in source code
    gives no assurance about who produced a signature, so this class must
    not be registered as the signature method of a deployed provider or
    consumer.
    """
    # The literal starts and ends with a newline, exactly as the original
    # string did; the PEM lines must stay at column 0.
    return """
-----BEGIN CERTIFICATE-----
MIIBpjCCAQ+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAZMRcwFQYDVQQDDA5UZXN0
IFByaW5jaXBhbDAeFw03MDAxMDEwODAwMDBaFw0zODEyMzEwODAwMDBaMBkxFzAV
BgNVBAMMDlRlc3QgUHJpbmNpcGFsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQC0YjCwIfYoprq/FQO6lb3asXrxLlJFuCvtinTF5p0GxvQGu5O3gYytUvtC2JlY
zypSRjVxwxrsuRcP3e641SdASwfrmzyvIgP08N4S0IFzEURkV1wp/IpH7kH41Etb
mUmrXSwfNZsnQRE5SYSOhh+LcK2wyQkdgcMv11l4KoBkcwIDAQABMA0GCSqGSIb3
DQEBBQUAA4GBAGZLPEuJ5SiJ2ryq+CmEGOXfvlTtEL2nuGtr9PewxkgnOjZpUy+d
4TvuXJbNQc8f4AMWL/tO9w0Fk80rWKp9ea8/df4qMq5qlFWlx6yOLQxumNOmECKb
WpkUQDIDJEoFUzKMVuJf4KO/FJ345+BNLGgbJ6WujreoM1X/gYfdnJ/J
-----END CERTIFICATE-----
"""
100
101  def _fetch_private_cert(self, oauth_request):
102    cert = """
103-----BEGIN PRIVATE KEY-----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118-----END PRIVATE KEY-----
119"""
120    return cert