U 6³d ã@s²dZddlZddlmZddlmZzddlmZWnek rLdZYnXedk rhdddd d d gZn dd d d gZejZej Z ej Z ej Z edk r ej Z ej Z ej fd d „ZdS)a\Cryptography helpers for verifying and signing messages. The simplest way to verify signatures is using :func:`verify_signature`:: cert = open('certs.pem').read() valid = crypt.verify_signature(message, signature, cert) If you're going to verify many messages with the same certificate, you can use :class:`RSAVerifier`:: cert = open('certs.pem').read() verifier = crypt.RSAVerifier.from_string(cert) valid = verifier.verify(message, signature) To sign messages use :class:`RSASigner` with a private key:: private_key = open('private_key.pem').read() signer = crypt.RSASigner.from_string(private_key) signature = signer.sign(message) The code above also works for :class:`ES256Signer` and :class:`ES256Verifier`. Note that these two classes are only available if your `cryptography` dependency version is at least 1.4.0. éN)Úbase)Úrsa)Úes256Ú ES256SignerÚ ES256VerifierÚ RSASignerÚ RSAVerifierÚSignerÚVerifiercCsBt|tjtjfƒr|g}|D] }| |¡}| ||¡rdSqdS)aVerify an RSA or ECDSA cryptographic signature. Checks that the provided ``signature`` was generated from ``bytes`` using the private key associated with the ``cert``. Args: message (Union[str, bytes]): The plaintext message. signature (Union[str, bytes]): The cryptographic signature to check. certs (Union[Sequence, str, bytes]): The certificate or certificates to use to check the signature. verifier_cls (Optional[~google.auth.crypt.base.Signer]): Which verifier class to use for verification. This can be used to select different algorithms, such as RSA or ECDSA. Default value is :class:`RSAVerifier`. Returns: bool: True if the signature is valid, otherwise False. TF)Ú isinstanceÚsixÚ text_typeÚ binary_typeZ from_stringÚverify)ÚmessageÚ signatureÚcertsZ verifier_clsÚcertZverifier©rú>/tmp/pip-unpacked-wheel-h3lf9jv9/google/auth/crypt/__init__.pyÚverify_signatureKs  r)Ú__doc__r Zgoogle.auth.cryptrrrÚ ImportErrorÚ__all__r r rrrrrrrrrÚs0   ú