mirror of
https://github.com/tahoe-lafs/tahoe-lafs.git
synced 2024-12-24 07:06:41 +00:00
Simplify key checking code by inlining _allowedKey and _correctSignature. refs #1141
Signed-off-by: Daira Hopwood <daira@jacaranda.org>
This commit is contained in:
parent
102d581a90
commit
6c756ba3e9
@ -82,25 +82,6 @@ class AccountFileChecker:
|
||||
d.addCallback(self._cbPasswordMatch, str(creds.username))
|
||||
return d
|
||||
|
||||
def _allowedKey(self, creds):
|
||||
"""
|
||||
Determine whether the public key indicated by the given credentials is
|
||||
one allowed to authenticate the username in those credentials.
|
||||
|
||||
Returns True if so, False otherwise.
|
||||
"""
|
||||
return creds.blob == self.pubkeys.get(creds.username)
|
||||
|
||||
def _correctSignature(self, creds):
|
||||
"""
|
||||
Determine whether the signature in the given credentials is the correct
|
||||
signature for the data in those credentials.
|
||||
|
||||
Returns True if so, False otherwise.
|
||||
"""
|
||||
key = keys.Key.fromString(creds.blob)
|
||||
return key.verify(creds.signature, creds.sigData)
|
||||
|
||||
def _checkKey(self, creds):
|
||||
"""
|
||||
Determine whether some key-based credentials correctly authenticates a
|
||||
@ -109,11 +90,19 @@ class AccountFileChecker:
|
||||
Returns a Deferred that fires with the username if so or with an
|
||||
UnauthorizedLogin failure otherwise.
|
||||
"""
|
||||
if self._allowedKey(creds):
|
||||
|
||||
# Is the public key indicated by the given credentials allowed to
|
||||
# authenticate the username in those credentials?
|
||||
if creds.blob == self.pubkeys.get(creds.username):
|
||||
if creds.signature is None:
|
||||
return defer.fail(conch_error.ValidPublicKey())
|
||||
if self._correctSignature(creds):
|
||||
|
||||
# Is the signature in the given credentials the correct
|
||||
# signature for the data in those credentials?
|
||||
key = keys.Key.fromString(creds.blob)
|
||||
if key.verify(creds.signature, creds.sigData):
|
||||
return defer.succeed(self._avatarId(creds.username))
|
||||
|
||||
return defer.fail(error.UnauthorizedLogin())
|
||||
|
||||
class AccountURLChecker:
|
||||
|
Loading…
Reference in New Issue
Block a user