Here are sample snippets to help you implement signature verification:
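from base64 import b64decode
import binascii

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import ed25519

# Load the public key from the filesystem; adapt this to your secret
# management framework. load_pem_public_key() takes the PEM *bytes*, not a
# file object, so read the file in binary mode and close it right away.
with open("/var/secrets/partoo.pub.pem", "rb") as key_file:
    public_key = serialization.load_pem_public_key(key_file.read())

# Fail at start-up rather than per request if the configured key is of another
# type: the two-argument verify() call below is the Ed25519 form, and a PEM
# file can hold any public-key algorithm.
if not isinstance(public_key, ed25519.Ed25519PublicKey):
    raise TypeError("Expected an Ed25519 public key")


def validate_signature(request):
    """Check the ``X-Partoo-Signature-v1`` header against the request body.

    Call this before parsing or acting on the payload, and reject the request
    if it raises. The signature must be verified over the body bytes as they
    were received; verifying a re-serialized copy (for example, JSON that was
    parsed and dumped again) will not match.

    A valid signature shows that the payload was signed by the holder of the
    private key. This function alone does not detect a replayed copy of an
    earlier, validly signed request.

    Args:
        request: Object exposing ``headers`` (a mapping with ``get``) and
            ``body`` (``str`` or ``bytes``).

    Raises:
        ValueError: The header is missing, is not strict base64
            (``binascii.Error`` is a ``ValueError`` subclass), or the
            signature does not match the body.
    """
    if (signature := request.headers.get("X-Partoo-Signature-v1")) is None:
        raise ValueError("Missing signature")

    # Don't trust your inputs: validate=True rejects characters outside the
    # base64 alphabet instead of silently discarding them.
    decoded_signature = b64decode(signature, validate=True)

    # Frameworks differ on whether the body is text or bytes. Encode only when
    # it is text (UTF-8, the str.encode() default); pass raw bytes through
    # untouched so the signed bytes are exactly the received bytes.
    body = request.body
    payload = body.encode() if isinstance(body, str) else body

    # Only a failed verification is reported as "Invalid signature"; other
    # errors propagate so that a misconfiguration is not mistaken for a
    # forged request. Either way the request must not be processed.
    try:
        public_key.verify(decoded_signature, payload)
    except InvalidSignature as e:
        raise ValueError("Invalid signature") from e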