ticket creation/verifying code

author: equinox <equinox@diac24.net> 2011-04-01 06:24:41 +0200
committer: equinox <equinox@diac24.net> 2011-04-01 06:24:41 +0200
commit: f323816b73661fa8cb2a1accb4d05ac5b5945fe4 (patch)
tree: 677b8fe6b0df72178f1ed9a7c9074be9c3fb0057
parent: e53f11e801e0cce2741a192445d5bf7542e624bd (diff)
2 files changed, 26 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
index 45858e9..07bf945 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@ cherrypy.config
 *.pem
 *.pub
 *.orig
+*.key
diff --git a/ticket.py b/ticket.py
new file mode 100644
index 0000000..e7697e9
--- /dev/null
+++ b/ticket.py
@@ -0,0 +1,25 @@
+import crypto, socket, time
+
+keyfile = 'subdap-%s.key' % (socket.gethostname())
+pubfile = 'subdap-%s.pem' % (socket.gethostname())
+keys = ['user', 'ts', 'sig']
+
+def tgt_create(user):
+	ts = int(time.time())
+	data = '%d:%s' % (ts, user)
+	sig = crypto.sign(keyfile, data)
+	return {'user': user, 'ts': ts, 'sig': sig}
+
+def tgt_verify(user, ts, sig, maxage = None):
+	data = '%d:%s' % (int(ts), user)
+	status = crypto.verify(pubfile, data, sig)
+	if maxage != None:
+		status &= ts > time.time() - maxage
+	return status
+
+if __name__ == '__main__':
+	sig = tgt_create('test')
+	print sig
+	assert not tgt_verify(maxage = -9999, **sig)
+	assert     tgt_verify(maxage =  9999, **sig)
+
author	equinox <equinox@diac24.net>	2011-04-01 06:24:41 +0200
committer	equinox <equinox@diac24.net>	2011-04-01 06:24:41 +0200
commit	f323816b73661fa8cb2a1accb4d05ac5b5945fe4 (patch)
tree	677b8fe6b0df72178f1ed9a7c9074be9c3fb0057
parent	e53f11e801e0cce2741a192445d5bf7542e624bd (diff)