in moz_kinto_publisher/main.py [0:0]
def __init__(self, **kwargs):
self.derHash = None
self.kinto_id = None
self.pemAttachment = None
self.pemData = None
self.pemHash = None
parseError = IntermediateRecordError(f"Malformed record: {kwargs}")
# Local records have a "pem" field.
# RemoteSettings records have "attachment".
# TODO(jms): These should be versioned (See Issue 180).
if not exactlyOneIn(["pem", "attachment"], kwargs):
raise parseError
if "pem" in kwargs and not allIn(
[
"pubKeyHash",
"subject",
],
kwargs,
):
raise parseError
if "attachment" in kwargs and not allIn(
[
"derHash",
"id",
],
kwargs,
):
raise parseError
try:
if "pubKeyHash" in kwargs:
self.pubKeyHash = base64.b64decode(
kwargs["pubKeyHash"], altchars="-_", validate=True
) # sha256 of the SPKI
else:
self.pubKeyHash = None
except base64.binascii.Error:
raise parseError
if self.pubKeyHash and len(self.pubKeyHash) != 32:
raise IntermediateRecordError(f"Invalid pubkey hash: {kwargs}")
try:
if "derHash" in kwargs:
self.derHash = base64.b64decode(
kwargs["derHash"], altchars="-_", validate=True
)
else:
self.derHash = None
except base64.binascii.Error:
raise parseError
if self.derHash and len(self.derHash) != 32:
raise IntermediateRecordError(f"Invalid DER hash. {kwargs}")
if "pem" in kwargs:
self.set_pem(kwargs["pem"])
if "attachment" in kwargs:
self.kinto_id = kwargs["id"]
self.cert = None
self.pemAttachment = AttachedPem(**kwargs["attachment"])
self.pemHash = self.pemAttachment.hash
if len(self.pemHash) != 64: # sha256 hexdigest
raise IntermediateRecordError(f"Invalid hash. {kwargs}")