ewjoachim/signature_verification.py

## signature_verification.py
#!/usr/bin/env python3
import base64

from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.hashes import SHA256
from cryptography.hazmat.primitives.asymmetric.ec import ECDSA


def check_signature(payload, public_key, signature):
    loaded_public_key = serialization.load_pem_public_key(
        data=public_key.encode("utf-8"), backend=default_backend()
    )
    loaded_public_key.verify(
        signature=base64.b64decode(signature),
        data=payload.encode("utf-8"),
        # This validates the ECDSA and SHA256 part
        signature_algorithm=ECDSA(algorithm=SHA256()),
    )

    return True


def main():
    signature = "MEQCIAfgjgz6Ou/3DXMYZBervz1TKCHFsvwMcbuJhNZse622AiAG86/cku2XdcmFWNHl2WSJi2fkE8t+auvB24eURaOd2A=="
    public_key = "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE9MJJHnMfn2+H4xL4YaPDA4RpJqUq\nkCmRCBnYERxZanmcpzQSXs1X/AljlKkbJ8qpVIW4clayyef9gWhFbNHWAA==\n-----END PUBLIC KEY-----\n"
    payload = '[{"type":"github_oauth_token","token":"cb4985f91f740272c0234202299f43808034d7f5","url":" https://github.com/github/faketestrepo/blob/b0dd59c0b500650cacd4551ca5989a6194001b10/production.env"}]'

    if check_signature(signature=signature, public_key=public_key, payload=payload):
        print("valid")
    else:
        print("invalid")


if __name__ == "__main__":
    main()
	#!/usr/bin/env python3
	import base64

	from cryptography.hazmat.primitives import serialization
	from cryptography.hazmat.backends import default_backend
	from cryptography.hazmat.primitives.hashes import SHA256
	from cryptography.hazmat.primitives.asymmetric.ec import ECDSA


	def check_signature(payload, public_key, signature):
	loaded_public_key = serialization.load_pem_public_key(
	data=public_key.encode("utf-8"), backend=default_backend()
	)
	loaded_public_key.verify(
	signature=base64.b64decode(signature),
	data=payload.encode("utf-8"),
	# This validates the ECDSA and SHA256 part
	signature_algorithm=ECDSA(algorithm=SHA256()),
	)

	return True


	def main():
	signature = "MEQCIAfgjgz6Ou/3DXMYZBervz1TKCHFsvwMcbuJhNZse622AiAG86/cku2XdcmFWNHl2WSJi2fkE8t+auvB24eURaOd2A=="
	public_key = "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE9MJJHnMfn2+H4xL4YaPDA4RpJqUq\nkCmRCBnYERxZanmcpzQSXs1X/AljlKkbJ8qpVIW4clayyef9gWhFbNHWAA==\n-----END PUBLIC KEY-----\n"
	payload = '[{"type":"github_oauth_token","token":"cb4985f91f740272c0234202299f43808034d7f5","url":" https://github.com/github/faketestrepo/blob/b0dd59c0b500650cacd4551ca5989a6194001b10/production.env"}]'

	if check_signature(signature=signature, public_key=public_key, payload=payload):
	print("valid")
	else:
	print("invalid")


	if __name__ == "__main__":
	main()