indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Snake case

main
Bob Mottram 2021-12-26 12:13:46 +00:00
parent 2ae2ce4945
commit 41d8c2edde
4 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
httpsig.py
View File

@ -23,8 +23,8 @@ import base64
from time import gmtime, strftime from time import gmtime, strftime
import datetime import datetime
from utils import getFullDomain from utils import getFullDomain
from utils import getSHA256 from utils import get_sha_256
from utils import getSHA512 from utils import get_sha_512
from utils import local_actor_url from utils import local_actor_url
@ -34,9 +34,9 @@ def messageContentDigest(messageBodyJsonStr: str, digestAlgorithm: str) -> str:
msg = messageBodyJsonStr.encode('utf-8') msg = messageBodyJsonStr.encode('utf-8')
if digestAlgorithm == 'rsa-sha512' or \ if digestAlgorithm == 'rsa-sha512' or \
digestAlgorithm == 'rsa-pss-sha512': digestAlgorithm == 'rsa-pss-sha512':
hashResult = getSHA512(msg) hashResult = get_sha_512(msg)
else: else:
hashResult = getSHA256(msg) hashResult = get_sha_256(msg)
return base64.b64encode(hashResult).decode('utf-8') return base64.b64encode(hashResult).decode('utf-8')
@ -121,7 +121,7 @@ def signPostHeaders(dateStr: str, privateKeyPem: str,
# strip the trailing linefeed # strip the trailing linefeed
signedHeaderText = signedHeaderText.rstrip('\n') signedHeaderText = signedHeaderText.rstrip('\n')
# signedHeaderText.encode('ascii') matches # signedHeaderText.encode('ascii') matches
headerDigest = getSHA256(signedHeaderText.encode('ascii')) headerDigest = get_sha_256(signedHeaderText.encode('ascii'))
# print('headerDigest2: ' + str(headerDigest)) # print('headerDigest2: ' + str(headerDigest))
# Sign the digest # Sign the digest
@ -205,14 +205,14 @@ def signPostHeadersNew(dateStr: str, privateKeyPem: str,
# Sign the digest. Potentially other signing algorithms can be added here. # Sign the digest. Potentially other signing algorithms can be added here.
signature = '' signature = ''
if algorithm == 'rsa-sha512': if algorithm == 'rsa-sha512':
headerDigest = getSHA512(signedHeaderText.encode('ascii')) headerDigest = get_sha_512(signedHeaderText.encode('ascii'))
rawSignature = key.sign(headerDigest, rawSignature = key.sign(headerDigest,
padding.PKCS1v15(), padding.PKCS1v15(),
hazutils.Prehashed(hashes.SHA512())) hazutils.Prehashed(hashes.SHA512()))
signature = base64.b64encode(rawSignature).decode('ascii') signature = base64.b64encode(rawSignature).decode('ascii')
else: else:
# default rsa-sha256 # default rsa-sha256
headerDigest = getSHA256(signedHeaderText.encode('ascii')) headerDigest = get_sha_256(signedHeaderText.encode('ascii'))
rawSignature = key.sign(headerDigest, rawSignature = key.sign(headerDigest,
padding.PKCS1v15(), padding.PKCS1v15(),
hazutils.Prehashed(hashes.SHA256())) hazutils.Prehashed(hashes.SHA256()))
@ -539,9 +539,9 @@ def verifyPostHeaders(http_prefix: str,
alg = hazutils.Prehashed(hashes.SHA256()) alg = hazutils.Prehashed(hashes.SHA256())
if digestAlgorithm == 'rsa-sha256': if digestAlgorithm == 'rsa-sha256':
headerDigest = getSHA256(signedHeaderText.encode('ascii')) headerDigest = get_sha_256(signedHeaderText.encode('ascii'))
elif digestAlgorithm == 'rsa-sha512': elif digestAlgorithm == 'rsa-sha512':
headerDigest = getSHA512(signedHeaderText.encode('ascii')) headerDigest = get_sha_512(signedHeaderText.encode('ascii'))
else: else:
print('Unknown http digest algorithm: ' + digestAlgorithm) print('Unknown http digest algorithm: ' + digestAlgorithm)
headerDigest = '' headerDigest = ''

6
linked_data_sig.py
View File

@ -20,7 +20,7 @@ from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import utils as hazutils from cryptography.hazmat.primitives.asymmetric import utils as hazutils
from pyjsonld import normalize from pyjsonld import normalize
from context import hasValidContext from context import hasValidContext
from utils import getSHA256 from utils import get_sha_256
def _options_hash(doc: {}) -> str: def _options_hash(doc: {}) -> str:
@ -76,7 +76,7 @@ def verifyJsonSignature(doc: {}, publicKeyPem: str) -> bool:
to_be_signed = _options_hash(doc) + _doc_hash(doc) to_be_signed = _options_hash(doc) + _doc_hash(doc)
signature = doc["signature"]["signatureValue"] signature = doc["signature"]["signatureValue"]
digest = getSHA256(to_be_signed.encode("utf-8")) digest = get_sha_256(to_be_signed.encode("utf-8"))
base64sig = base64.b64decode(signature) base64sig = base64.b64decode(signature)
try: try:
@ -108,7 +108,7 @@ def generateJsonSignature(doc: {}, privateKeyPem: str) -> None:
key = load_pem_private_key(privateKeyPem.encode('utf-8'), key = load_pem_private_key(privateKeyPem.encode('utf-8'),
None, backend=default_backend()) None, backend=default_backend())
digest = getSHA256(to_be_signed.encode("utf-8")) digest = get_sha_256(to_be_signed.encode("utf-8"))
signature = key.sign(digest, signature = key.sign(digest,
padding.PKCS1v15(), padding.PKCS1v15(),
hazutils.Prehashed(hashes.SHA256())) hazutils.Prehashed(hashes.SHA256()))

4
tests.py
View File

@ -54,7 +54,7 @@ from follow import clearFollowers
from follow import sendFollowRequestViaServer from follow import sendFollowRequestViaServer
from follow import sendUnfollowRequestViaServer from follow import sendUnfollowRequestViaServer
from siteactive import siteIsActive from siteactive import siteIsActive
from utils import getSHA256 from utils import get_sha_256
from utils import dangerousSVG from utils import dangerousSVG
from utils import canReplyTo from utils import canReplyTo
from utils import isGroupAccount from utils import isGroupAccount
@ -376,7 +376,7 @@ def _testSignAndVerify() -> None:
'host: octodon.social\n' + \ 'host: octodon.social\n' + \
'date: Tue, 14 Sep 2021 16:19:00 GMT\n' + \ 'date: Tue, 14 Sep 2021 16:19:00 GMT\n' + \
'accept: application/json' 'accept: application/json'
headerDigest = getSHA256(signedHeaderText.encode('ascii')) headerDigest = get_sha_256(signedHeaderText.encode('ascii'))
key = load_pem_private_key(privateKeyPem.encode('utf-8'), key = load_pem_private_key(privateKeyPem.encode('utf-8'),
None, backend=default_backend()) None, backend=default_backend())
rawSignature = key.sign(headerDigest, rawSignature = key.sign(headerDigest,

12
utils.py
View File

@ -134,14 +134,14 @@ def is_featured_writer(base_dir: str, nickname: str, domain: str) -> bool:
def refresh_newswire(base_dir: str): def refresh_newswire(base_dir: str):
"""Causes the newswire to be updates after a change to user accounts """Causes the newswire to be updates after a change to user accounts
""" """
refresh_newswireFilename = base_dir + '/accounts/.refresh_newswire' refresh_newswire_filename = base_dir + '/accounts/.refresh_newswire'
if os.path.isfile(refresh_newswireFilename): if os.path.isfile(refresh_newswire_filename):
return return
with open(refresh_newswireFilename, 'w+') as refreshFile: with open(refresh_newswire_filename, 'w+') as refresh_file:
refreshFile.write('\n') refresh_file.write('\n')
def getSHA256(msg: str): def get_sha_256(msg: str):
"""Returns a SHA256 hash of the given string """Returns a SHA256 hash of the given string
""" """
digest = hashes.Hash(hashes.SHA256(), backend=default_backend()) digest = hashes.Hash(hashes.SHA256(), backend=default_backend())
@ -149,7 +149,7 @@ def getSHA256(msg: str):
return digest.finalize() return digest.finalize()
def getSHA512(msg: str): def get_sha_512(msg: str):
"""Returns a SHA512 hash of the given string """Returns a SHA512 hash of the given string
""" """
digest = hashes.Hash(hashes.SHA512(), backend=default_backend()) digest = hashes.Hash(hashes.SHA512(), backend=default_backend())