MCPcopy
hub / github.com/tornadoweb/tornado / _decode_signed_value_v2

Function _decode_signed_value_v2

tornado/web.py:3757–3794  ·  view source on GitHub ↗
(
    secret: _CookieSecretTypes,
    name: str,
    value: bytes,
    max_age_days: float,
    clock: Callable[[], float],
)

Source from the content-addressed store, hash-verified

3755
3756
3757def _decode_signed_value_v2(
3758 secret: _CookieSecretTypes,
3759 name: str,
3760 value: bytes,
3761 max_age_days: float,
3762 clock: Callable[[], float],
3763) -> Optional[bytes]:
3764 try:
3765 (
3766 key_version,
3767 timestamp_bytes,
3768 name_field,
3769 value_field,
3770 passed_sig,
3771 ) = _decode_fields_v2(value)
3772 except ValueError:
3773 return None
3774 signed_string = value[: -len(passed_sig)]
3775
3776 if isinstance(secret, dict):
3777 try:
3778 secret = secret[key_version]
3779 except KeyError:
3780 return None
3781
3782 expected_sig = _create_signature_v2(secret, signed_string)
3783 if not hmac.compare_digest(passed_sig, expected_sig):
3784 return None
3785 if name_field != utf8(name):
3786 return None
3787 timestamp = int(timestamp_bytes)
3788 if timestamp < clock() - max_age_days * 86400:
3789 # The signature has expired.
3790 return None
3791 try:
3792 return base64.b64decode(value_field)
3793 except Exception:
3794 return None
3795
3796
3797def get_signature_key_version(value: Union[str, bytes]) -> Optional[int]:

Callers 1

decode_signed_valueFunction · 0.85

Calls 3

utf8Function · 0.90
_decode_fields_v2Function · 0.85
_create_signature_v2Function · 0.85

Tested by

no test coverage detected