def verify_item_signature()

in src/dynamodb_encryption_sdk/internal/crypto/authentication.py [0:0]

• 11 lines of code
• 2 McCabe index (conditional complexity)

def verify_item_signature(signature_attribute, encrypted_item, verification_key, crypto_config):
    # type: (dynamodb_types.BINARY_ATTRIBUTE, dynamodb_types.ITEM, DelegatedKey, CryptoConfig) -> None
    """Verify the item signature.

    :param dict signature_attribute: Item signature DynamoDB attribute value
    :param dict encrypted_item: Encrypted DynamoDB item
    :param DelegatedKey verification_key: DelegatedKey to use to calculate the signature
    :param CryptoConfig crypto_config: Cryptographic configuration
    """
    # for some reason pylint can't follow the Enum member attributes
    signature = signature_attribute[Tag.BINARY.dynamodb_tag]  # pylint: disable=no-member
    verification_key.verify(
        algorithm=verification_key.algorithm,
        signature=signature,
        data=_string_to_sign(
            item=encrypted_item,
            table_name=crypto_config.encryption_context.table_name,
            attribute_actions=crypto_config.attribute_actions,
        ),
    )