Previous topic

CMS - Cryptographic Message Syntax / PKCS#7

Next topic

DEP - Device Enrollment Programme

This Page

  1. Docs
  2. Internals Reference
  3. CMS - Cryptographic Message Syntax / PKCS#7
  4. Decorators

Decorators

commandment.cms.decorators.verify_cms_signers(f)[source]

Verify the signers of a request containing a CMS/PKCS#7, DER encoded body.

The certificate of each signer is placed on the global g variable as g.signers and the signed data is set as g.signed_data.

In unit tests, this decorator is completely disabled by the presence of testing = True

Raises:
    • TypeError if Content-Type header is not “application/pkcs7-signature”
    • SigningError if any signer on the CMS content is not valid.
commandment.cms.decorators.verify_mdm_signature(f)[source]

Verify the signature supplied by the client in the request using the Mdm-Signature header.

If the authenticity of the message has been verified, then the signer is attached to the g object as g.signer.

In unit tests, this decorator is completely disabled by the presence of app.testing = True. You can also disable enforcement in dev by setting the flask setting DEBUG to true.

Reqheader Mdm-Signature:
 BASE64-encoded CMS Detached Signature of the message. (if SignMessage was true)
CMS - Cryptographic Message Syntax / PKCS#7
DEP - Device Enrollment Programme
© Copyright 2017, Jesse Peterson, Mosen. Created using Sphinx.