Py_RETURN_NONE;
}
+static PyObject* Key_sign(KeyObject* self, PyObject* args, PyObject* kwargs) {
+ char* kwlist[] = { "data", "comment", NULL };
+ PyObject* object = NULL;
+ const char* data = NULL;
+ Py_ssize_t data_length = 0;
+ const char* comment = NULL;
+ char* signature = NULL;
+ size_t signature_length = 0;
+ int r;
+
+ if (!PyArg_ParseTupleAndKeywords(args, kwargs, "y#|z", kwlist,
+ &data, &data_length, &comment))
+ return NULL;
+
+ // Create buffer to write the signature to
+ FILE* f = open_memstream(&signature, &signature_length);
+ if (!f) {
+ PyErr_SetFromErrno(PyExc_OSError);
+ goto ERROR;
+ }
+
+ // Create the signature
+ r = pakfire_key_sign(self->key, f, data, data_length, comment);
+ if (r) {
+ PyErr_SetFromErrno(PyExc_OSError);
+ goto ERROR;
+ }
+
+ object = PyUnicode_FromStringAndSize(signature, signature_length);
+
+ERROR:
+ if (f)
+ fclose(f);
+ if (signature)
+ free(signature);
+
+ return object;
+}
+
+static PyObject* Key_verify(KeyObject* self, PyObject* args) {
+ char* signature = NULL;
+ const char* data = NULL;
+ Py_ssize_t data_length = 0;
+ int r;
+
+ if (!PyArg_ParseTuple(args, "sy#", &signature, &data, &data_length))
+ return NULL;
+
+ // Map the signature
+ FILE* f = fmemopen(signature, strlen(signature), "r");
+ if (!f) {
+ PyErr_SetFromErrno(PyExc_OSError);
+ r = 1;
+ goto ERROR;
+ }
+
+ // Verify the signature
+ r = pakfire_key_verify(self->key, f, data, data_length);
+ if (r) {
+ PyErr_SetFromErrno(PyExc_OSError);
+ goto ERROR;
+ }
+
+ // Success!
+ r = 0;
+
+ERROR:
+ if (f)
+ fclose(f);
+
+ if (r)
+ return NULL;
+
+ Py_RETURN_TRUE;
+}
+
static struct PyMethodDef Key_methods[] = {
{
"export",
(PyCFunction)Key_export,
METH_VARARGS,
- NULL
+ NULL,
+ },
+ {
+ "sign",
+ (PyCFunction)Key_sign,
+ METH_VARARGS|METH_KEYWORDS,
+ NULL,
+ },
+ {
+ "verify",
+ (PyCFunction)Key_verify,
+ METH_VARARGS,
+ NULL,
},
{ NULL },
};
char* pakfire_key_dump(struct pakfire_key* key);
+// Sign
+int pakfire_key_sign(struct pakfire_key* key,
+ FILE* f, const void* data, const size_t length, const char* comment);
+int pakfire_key_verify(struct pakfire_key* key,
+ FILE* f, const void* data, const size_t length);
+
#ifdef PAKFIRE_PRIVATE
int pakfire_key_import_from_string(struct pakfire_key** key,
struct pakfire* pakfire, const char* data, const size_t length);
-int pakfire_key_sign(struct pakfire_key* key,
- FILE* f, const void* data, const size_t length, const char* comment);
int pakfire_key_signf(struct pakfire_key* key, FILE* s, FILE* f, const char* comment);
-int pakfire_key_verify(struct pakfire_key* key,
- FILE* f, const void* data, const size_t length);
#endif
return r;
}
-int pakfire_key_sign(struct pakfire_key* key,
+PAKFIRE_EXPORT int pakfire_key_sign(struct pakfire_key* key,
FILE* f, const void* data, const size_t length, const char* comment) {
struct pakfire_key_signature signature = { 0 };
char* s = NULL;
return r;
}
-int pakfire_key_verify(struct pakfire_key* key, FILE* f, const void* data, const size_t length) {
+PAKFIRE_EXPORT int pakfire_key_verify(struct pakfire_key* key, FILE* f,
+ const void* data, const size_t length) {
struct pakfire_key_signature signature = { 0 };
int r;
# Check for the correct key ID
self.assertEqual(key.id, 13863674484496905947)
+ def test_sign(self):
+ """
+ Generate a new key
+ """
+ key = self.pakfire.generate_key(algorithm=pakfire.PAKFIRE_KEY_ALGO_ED25519)
+
+ data = b"Pakfire"
+
+ # Sign!
+ signature = key.sign(data, comment="This is a comment")
+
+ # Verify!
+ self.assertTrue(key.verify(signature, data))
+
if __name__ == "__main__":
unittest.main()
projects / pakfire.git / commitdiff
