-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsigtest.py
38 lines (31 loc) · 1.07 KB
/
sigtest.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
import hmac
import hashlib
import json
def generate_signature(data, secret_key):
message = json.dumps(data, sort_keys=True, separators=(',', ':'))
signature = hmac.new(secret_key.encode(), message.encode(), hashlib.sha256).hexdigest()
return signature
def verify_signature(data, signature, secret_key):
expected_signature = generate_signature(data, secret_key)
return hmac.compare_digest(signature, expected_signature)
# Example usage
secret_key = "my_secret_key"
# Client-side: Generate signature
data = {
"client_id": "abc123",
"timestamp": 1234567890,
"metrics": {
"cpu_usage": 50.0,
"memory_usage": 75.0
}
}
signature = generate_signature(data, secret_key)
print("Generated signature:", signature)
# Server-side: Verify signature
is_valid = verify_signature(data, signature, secret_key)
print("Signature is valid:", is_valid)
# Tamper with the data
data["metrics"]["cpu_usage"] = 100.0
# Server-side: Verify tampered signature
is_valid = verify_signature(data, signature, secret_key)
print("Tampered signature is valid:", is_valid)