upstream/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-06-09 08:42:57 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

acme.messages: explicit warnings about key verification

Browse source
This commit is contained in:
Jakub Warmuz 2015-02-15 11:45:21 +00:00
parent f81e936a49
commit 61e654b852
No known key found for this signature in database
GPG key ID: 2A7BAD3A489B52EA
1 changed files with 12 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
letsencrypt/acme/messages.py
View file

@ -211,14 +211,16 @@ class AuthorizationRequest(Message):
def verify(self, name):
"""Verify signature.
.. warning:: Caller must check that the public key encoded in the
:attr:`signature`'s :class:`letsencrypt.acme.jose.JWK` object
is the correct key for a given context.
:param str name: Hostname
:returns: True iff ``signature`` can be verified, False otherwise.
:rtype: bool
"""
# TODO: must also check that the public key encoded in the JWK object
# is the correct key for a given context.
return self.signature.verify(name + self.nonce)
def _fields_to_json(self):
@ -314,12 +316,14 @@ class CertificateRequest(Message):
def verify(self):
"""Verify signature.
.. warning:: Caller must check that the public key encoded in the
:attr:`signature`'s :class:`letsencrypt.acme.jose.JWK` object
is the correct key for a given context.
:returns: True iff ``signature`` can be verified, False otherwise.
:rtype: bool
"""
# TODO: must also check that the public key encoded in the JWK object
# is the correct key for a given context.
return self.signature.verify(self.csr.as_der())
@classmethod
@ -442,12 +446,14 @@ class RevocationRequest(Message):
def verify(self):
"""Verify signature.
.. warning:: Caller must check that the public key encoded in the
:attr:`signature`'s :class:`letsencrypt.acme.jose.JWK` object
is the correct key for a given context.
:returns: True iff ``signature`` can be verified, False otherwise.
:rtype: bool
"""
# TODO: must also check that the public key encoded in the JWK object
# is the correct key for a given context.
return self.signature.verify(self.certificate.as_der())
@classmethod