Python implementation of Sberbank signature verification (using async cryptography).
Project description
Sberbank signature verification using async cryptography
The code of keys generation and message signing and signature verification is universal,
it is not only Sberbank-compatible. You can use it for your own purposes.
However there is a sberbank_tools module that consist sberbank-specific functions.
The repo is open for pull requests. The author will be glad to hear some good feedback from you.
Python version
Python version that has been used while coding is 3.8. Other versions has not been tested but they might work.
Installation
pip install -i sberbank_callback_async_cryptography
Flask example
import os
from dotenv import load_dotenv
from flask import request
from flask_restful import Resource
from sb_async_cryptography.sberbank_tools import verify_signature, params_get_checksum
from sb_async_cryptography.signature import public_key_import_from_x509_certificate_file
load_dotenv()
SBERBANK_PUBLIC_KEY_FILE = os.getenv('SBERBANK_PUBLIC_KEY_FILE')
pub_key = public_key_import_from_x509_certificate_file(SBERBANK_PUBLIC_KEY_FILE)
class Notification(Resource):
def get(self):
"""Status change notification from Sberbank"""
params = request.args
signature = params_get_checksum(params)
if not verify_signature(pub_key, signature, params):
return {"errors": "Signature verification failed."}, 400
# some other code here
FastAPI example
import os
from dotenv import load_dotenv
from fastapi import Request
from sb_async_cryptography.sberbank_tools import verify_signature, params_get_checksum
from sb_async_cryptography.signature import public_key_import_from_x509_certificate_file
from starlette.responses import JSONResponse
load_dotenv()
SBERBANK_PUBLIC_KEY_FILE = os.getenv('SBERBANK_PUBLIC_KEY_FILE')
pub_key = public_key_import_from_x509_certificate_file(SBERBANK_PUBLIC_KEY_FILE)
async def notification(request: Request):
"""Status change notification from Sberbank"""
params = dict(request.query_params)
signature = params_get_checksum(params)
if not verify_signature(pub_key, signature, params):
return JSONResponse(status_code=400, content={"errors": "Signature verification failed."})
# some other code here
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file sberbank-async-cryptography-1.0.0.tar.gz.
File metadata
- Download URL: sberbank-async-cryptography-1.0.0.tar.gz
- Upload date:
- Size: 4.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/49.6.0 requests-toolbelt/0.9.1 tqdm/4.48.2 CPython/3.8.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | e1c5ae9a83ec2b611220f20edcaef3b55e64326b8ec0104234bdbdc22ac32403 |
|
| MD5 | 750715b5fc79284eeb07ce4cde150419 |
|
| BLAKE2b-256 | 2126372b8f58da6d135e7fac80e057abbc98e49a1b436a051bbfeefdac6b9566 |
File details
Details for the file sberbank_async_cryptography-1.0.0-py3-none-any.whl.
File metadata
- Download URL: sberbank_async_cryptography-1.0.0-py3-none-any.whl
- Upload date:
- Size: 5.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.24.0 setuptools/49.6.0 requests-toolbelt/0.9.1 tqdm/4.48.2 CPython/3.8.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 71f158ecd682d19261c8769360127107412a5c0227590babacf55caa7ecb58f8 |
|
| MD5 | f3430dd0982c4993d7d2a3d3bffeafdf |
|
| BLAKE2b-256 | d8198e49432eddf9ab578c3acc994d475355754b49e57cb8279a40cc60bdab74 |
