diff options
Diffstat (limited to 'wrappers/python/eduvpncommon')
| -rw-r--r-- | wrappers/python/eduvpncommon/discovery.py | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/wrappers/python/eduvpncommon/discovery.py b/wrappers/python/eduvpncommon/discovery.py index f7a312e..f22df58 100644 --- a/wrappers/python/eduvpncommon/discovery.py +++ b/wrappers/python/eduvpncommon/discovery.py @@ -15,28 +15,30 @@ _lib_suffixes = defaultdict(lambda: ".so", { _os = platform.system().lower() -_libname = f"{_lib_prefixes[_os]}eduvpn_verify{_lib_suffixes[_os]}" -_lib = cdll.LoadLibrary(str(pathlib.Path(__file__).parent / "lib" / _libname)) +_libname = "eduvpn_common" +_libfile = f"{_lib_prefixes[_os]}{_libname}{_lib_suffixes[_os]}" +# Library should have been copied to the lib/ folder +_lib = cdll.LoadLibrary(str(pathlib.Path(__file__).parent / "lib" / _libfile)) -class GoSlice(Structure): +class _GoSlice(Structure): _fields_ = [("data", POINTER(c_char)), ("len", c_int64), ("cap", c_int64)] @staticmethod - def make(bs: bytes) -> "GoSlice": - return GoSlice((c_char * len(bs))(*bs), len(bs), len(bs)) + def make(bs: bytes) -> "_GoSlice": + return _GoSlice((c_char * len(bs))(*bs), len(bs), len(bs)) -_lib.Verify.argtypes, _lib.Verify.restype = [GoSlice, GoSlice, GoSlice, c_uint64], c_int64 -_lib.InsecureTestingSetExtraKey.argtypes, _lib.InsecureTestingSetExtraKey.restype = [GoSlice], None +_lib.Verify.argtypes, _lib.Verify.restype = [_GoSlice, _GoSlice, _GoSlice, c_uint64], c_int64 +_lib.InsecureTestingSetExtraKey.argtypes, _lib.InsecureTestingSetExtraKey.restype = [_GoSlice], None class VerifyErrorCode(Enum): - ErrUnknownExpectedFileName = 1 # Expected file name is not one of the recognized values. + ErrUnknownExpectedFileName = 1 # Unknown expected file name specified. The signature has not been verified. ErrInvalidSignature = 2 # Signature is invalid (for the expected file type). ErrInvalidSignatureUnknownKey = 3 # Signature was created with an unknown key and has not been verified. - ErrTooOld = 4 # Signature has a timestamp lower than the specified minimum signing time. - Unknown = -1 # Other unknown error + ErrTooOld = 4 # Signature timestamp smaller than specified minimum signing time (rollback). + Unknown = -1 # Other unknown error. class VerifyError(Exception): @@ -44,6 +46,7 @@ class VerifyError(Exception): code_int: int # Original error code also for VerifyErrorCode.Unknown def __init__(self, err: int): + assert err try: self.code = VerifyErrorCode(err) except ValueError: @@ -68,13 +71,13 @@ def verify(signature: bytes, signed_json: bytes, expected_file_name: str, min_si :param signature: .minisig signature file contents. :param signed_json: Signed .json file contents. :param expected_file_name: The file type to be verified, one of "server_list.json" or "organization_list.json". - :param min_sign_time: Minimum time for signature. Should be set to at least the time in a previously retrieved file. + :param min_sign_time: Minimum time for signature. Should be set to at least the time of the previous signature. :raises VerifyException: If signature verification fails or expectedFileName is not one of the allowed values. """ - err = _lib.Verify(GoSlice.make(signature), GoSlice.make(signed_json), - GoSlice.make(expected_file_name.encode()), min_sign_time) + err = _lib.Verify(_GoSlice.make(signature), _GoSlice.make(signed_json), + _GoSlice.make(expected_file_name.encode()), min_sign_time) if err: raise VerifyError(err) @@ -82,4 +85,4 @@ def verify(signature: bytes, signed_json: bytes, expected_file_name: str, min_si def _insecure_testing_set_extra_key(key_string: str) -> None: """Use for testing only, see Go documentation.""" - _lib.InsecureTestingSetExtraKey(GoSlice.make(key_string.encode())) + _lib.InsecureTestingSetExtraKey(_GoSlice.make(key_string.encode())) |