diff --git a/src/_zkapauthorizer/_storage_server.py b/src/_zkapauthorizer/_storage_server.py index 6d03290e7a3dc719a1c2c5fee00df03cdaae179d..fa9aedb748d624558834b727e7db6a9a4a03629d 100644 --- a/src/_zkapauthorizer/_storage_server.py +++ b/src/_zkapauthorizer/_storage_server.py @@ -61,6 +61,16 @@ from .storage_common import ( ) class MorePassesRequired(Exception): + """ + Storage operations fail with ``MorePassesRequired`` when they are not + accompanied by a sufficient number of valid passes. + + :ivar int valid_count: The number of valid passes presented in the + operation. + + ivar int required_count: The number of valid passes which must be + presented for the operation to be authorized. + """ def __init__(self, valid_count, required_count): self.valid_count = valid_count self.required_count = required_count @@ -90,12 +100,13 @@ class ZKAPAuthorizerStorageServer(Referenceable): def _is_invalid_pass(self, message, pass_): """ - Check the validity of a single pass. + Cryptographically check the validity of a single pass. :param unicode message: The shared message for pass validation. :param bytes pass_: The encoded pass to validate. - :return bool: ``True`` if the pass is invalid, ``False`` otherwise. + :return bool: ``False`` (invalid) if the pass includes a valid + signature, ``True`` (valid) otherwise. """ assert isinstance(message, unicode), "message %r not unicode" % (message,) assert isinstance(pass_, bytes), "pass %r not bytes" % (pass_,)