@@ -1,58 +1,57 b'' | |||||
1 | import base64 |
|
1 | import base64 | |
2 | from ecdsa import SigningKey, VerifyingKey |
|
2 | from ecdsa import SigningKey, VerifyingKey, BadSignatureError | |
3 | from django.db import models |
|
3 | from django.db import models | |
4 |
|
4 | |||
5 | TYPE_ECDSA = 'ecdsa' |
|
5 | TYPE_ECDSA = 'ecdsa' | |
6 |
|
6 | |||
7 | APP_LABEL_BOARDS = 'boards' |
|
7 | APP_LABEL_BOARDS = 'boards' | |
8 |
|
8 | |||
9 |
|
9 | |||
10 | class KeyPairManager(models.Manager): |
|
10 | class KeyPairManager(models.Manager): | |
11 | def generate_key(self, key_type=TYPE_ECDSA, primary=False): |
|
11 | def generate_key(self, key_type=TYPE_ECDSA, primary=False): | |
12 | if primary and self.filter(primary=True).exists(): |
|
12 | if primary and self.filter(primary=True).exists(): | |
13 | raise Exception('There can be only one primary key') |
|
13 | raise Exception('There can be only one primary key') | |
14 |
|
14 | |||
15 | if key_type == TYPE_ECDSA: |
|
15 | if key_type == TYPE_ECDSA: | |
16 | private = SigningKey.generate() |
|
16 | private = SigningKey.generate() | |
17 | public = private.get_verifying_key() |
|
17 | public = private.get_verifying_key() | |
18 |
|
18 | |||
19 | private_key_str = private.to_pem().decode() |
|
19 | private_key_str = private.to_pem().decode() | |
20 | public_key_str = public.to_pem().decode() |
|
20 | public_key_str = public.to_pem().decode() | |
21 |
|
21 | |||
22 | return self.create(public_key=public_key_str, |
|
22 | return self.create(public_key=public_key_str, | |
23 | private_key=private_key_str, |
|
23 | private_key=private_key_str, | |
24 | key_type=TYPE_ECDSA, primary=primary) |
|
24 | key_type=TYPE_ECDSA, primary=primary) | |
25 | else: |
|
25 | else: | |
26 | raise Exception('Key type not supported') |
|
26 | raise Exception('Key type not supported') | |
27 |
|
27 | |||
28 | def verify(self, public_key_str, string, signature, key_type=TYPE_ECDSA): |
|
28 | def verify(self, public_key_str, string, signature, key_type=TYPE_ECDSA): | |
29 | if key_type == TYPE_ECDSA: |
|
29 | if key_type == TYPE_ECDSA: | |
30 | public = VerifyingKey.from_pem(public_key_str) |
|
30 | public = VerifyingKey.from_pem(public_key_str) | |
31 | signature_byte = base64.b64decode(signature) |
|
31 | signature_byte = base64.b64decode(signature) | |
32 | try: |
|
32 | try: | |
33 | return public.verify(signature_byte, |
|
33 | return public.verify(signature_byte, string.encode()) | |
34 | string.encode()) |
|
|||
35 | except BadSignatureError: |
|
34 | except BadSignatureError: | |
36 | return False |
|
35 | return False | |
37 | else: |
|
36 | else: | |
38 | raise Exception('Key type not supported') |
|
37 | raise Exception('Key type not supported') | |
39 |
|
38 | |||
40 |
|
39 | |||
41 | class KeyPair(models.Model): |
|
40 | class KeyPair(models.Model): | |
42 | class Meta: |
|
41 | class Meta: | |
43 | app_label = APP_LABEL_BOARDS |
|
42 | app_label = APP_LABEL_BOARDS | |
44 |
|
43 | |||
45 | objects = KeyPairManager() |
|
44 | objects = KeyPairManager() | |
46 |
|
45 | |||
47 | public_key = models.TextField() |
|
46 | public_key = models.TextField() | |
48 | private_key = models.TextField() |
|
47 | private_key = models.TextField() | |
49 | key_type = models.TextField() |
|
48 | key_type = models.TextField() | |
50 | primary = models.BooleanField(default=False) |
|
49 | primary = models.BooleanField(default=False) | |
51 |
|
50 | |||
52 | def __str__(self): |
|
51 | def __str__(self): | |
53 | return '%s: %s' % (self.key_type, self.public_key) |
|
52 | return '%s: %s' % (self.key_type, self.public_key) | |
54 |
|
53 | |||
55 | def sign(self, string): |
|
54 | def sign(self, string): | |
56 | private = SigningKey.from_pem(self.private_key) |
|
55 | private = SigningKey.from_pem(self.private_key) | |
57 | signature_byte = private.sign(string.encode()) |
|
56 | signature_byte = private.sign(string.encode()) | |
58 | return base64.b64encode(signature_byte) |
|
57 | return base64.b64encode(signature_byte) |
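Review bot: In `verify`, `VerifyingKey.from_pem(public_key_str)` and `base64.b64decode(signature)` still run before the `try`, so only a well-formed but wrong signature yields `False`; a badly padded base64 string or an unparsable PEM raises out of the method instead. If the key and signature arrive from a peer or client (not visible in this file, but likely for a verification helper), malformed input becomes an unhandled error rather than a rejected signature. I would move both calls inside the `try` and widen the handler to something like `except (BadSignatureError, binascii.Error):`, with `import binascii` added, and decide explicitly what a PEM parse failure should return. Separately, `SigningKey.generate()` is called with no arguments and so takes python-ecdsa's default curve, which is NIST192p; pinning it, e.g. `SigningKey.generate(curve=NIST256p)`, would make the key strength a deliberate choice.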