bovine.crypto
This module includes wrappers for creating cryptographic identities and the functionality to verify signatures of http requests. BovineClient and BovineActor take care of making properly signed requests.
- bovine.crypto.build_validate_http_signature(key_retriever)[source]
Creates a validate_signature function. validate_signature takes the request as parameter and returns the owner if the http signature is valid.
- Parameters:
key_retriever – A coroutine that given a key id returns a tuple public_key, owner. Here public_key is assumed to be PEM encoded and owner is an URI. In the Fediverse use case, owner will be the actor id.
Example
async def retrieve(key_id): async with aiohttp.ClientSession() as session: response = await session.get(key_id) data = await response.json() key = data.get("publicKey", {}) return key.get("publicKeyPem"), key.get("owner") validator = build_validate_http_signature(retrieve)
validator then accepts as argument a werzeug.wrappers.Request object.
- bovine.crypto.build_validate_http_signature_raw(key_retriever)[source]
Creates a validate_signature function. validate_signature takes (method, url, headers, body) as parameters and returns the owner if the http signature is valid. The rest of behavior is as build_validate_http_signature.
- bovine.crypto.generate_ed25519_private_key() str [source]
Returns a multicodec/multibase encoded ed25519 private key
- bovine.crypto.generate_rsa_public_private_key() Tuple[str, str] [source]
Generates a new pair of RSA public and private keys.
- Returns:
pem encoded public and private key
- bovine.crypto.private_key_to_did_key(private_key_str: str) str [source]
Computes public key in did key form of Ed25519 private key
- Parameters:
private_key_str – multibase/multicodec encoded Ed25519 private key
- Returns:
did:key
- async bovine.crypto.validate_moo_auth_signature(request, domain) Tuple[str | None, str | None] [source]
Validates the Moo-Auth-1 signature of the request. Returns the did-key if the signature is valid.
- Parameters:
request – The request to validate the signature for.
domain – The domain the request is made to.
- Returns:
On success the did key and domain, on failure None, None When no domain is passed the did key and None is returned
- class bovine.crypto.http_signature.HttpSignature[source]
Helper class to build http signatures
Usage: Add fields used for signature with with_fields. Then use build_signature or verify depending on use case.
- build_signature(key_id: str, private_key: str)[source]
Returns the signature string when signed with private_key
- property headers
Headers as specified when building http signature