indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Extra json signature checks

main
Bob Mottram 2021-01-03 19:20:28 +00:00
parent 5fc36f6ebb
commit 6aa1cc8389
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
inbox.py
View File

@ -2706,8 +2706,16 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
print('DEBUG: http header signature check success')
# check json signature
checkJsonSignature = False
if queueJson['original'].get('@context') and \
queueJson['original'].get('signature'):
if isinstance(queueJson['original']['signature'], dict):
if queueJson['original']['signature'].get('type') and \
queueJson['original']['signature'].get('signatureValue'):
if queueJson['original']['signature']['type'] == \
'RsaSignature2017':
checkJsonSignature = True
if checkJsonSignature:
# use the original json message received, not one which may have
# been modified along the way
if not jsonldVerify(queueJson['original'], pubKey):