From b0e099fc7f9f9f49e08863d7d7ebf59fdbeb6700 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 4 Apr 2021 21:34:42 +0100 Subject: [PATCH 1/5] Extra debug --- tests.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests.py b/tests.py index 9b7fa8ec9..b136c224d 100644 --- a/tests.py +++ b/tests.py @@ -273,7 +273,9 @@ def testHttpSigNew(): 'digest, content-type, content-length)' if signatureIndexHeader != expectedIndexHeader: print('Unexpected new http header: ' + signatureIndexHeader) - print('Should be: ' + expectedIndexHeader) + print('Should be: ' + expectedIndexHeader) + if signatureIndexHeader.strip() != expectedIndexHeader: + print('stripped match') assert signatureIndexHeader == expectedIndexHeader assert signatureHeader == \ 'sig1=:LQU1PcJILSp1Q30GWINusfftYYKfTtam7InSu2c+ZzfGC' + \ From 6e03698235f191dc4fe54acad2a484ac25dd7cdf Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 4 Apr 2021 21:41:55 +0100 Subject: [PATCH 2/5] Strip header --- httpsig.py | 2 +- tests.py | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/httpsig.py b/httpsig.py index fca42310c..07fe4c449 100644 --- a/httpsig.py +++ b/httpsig.py @@ -180,7 +180,7 @@ def signPostHeadersNew(dateStr: str, privateKeyPem: str, } signatureHeader = '; '.join( [f'{k}=:{v}:' for k, v in signatureDict.items()]) - return signatureIndexHeader, signatureHeader + return signatureIndexHeader.strip(), signatureHeader def createSignedHeader(privateKeyPem: str, nickname: str, diff --git a/tests.py b/tests.py index b136c224d..46d513f90 100644 --- a/tests.py +++ b/tests.py @@ -274,8 +274,6 @@ def testHttpSigNew(): if signatureIndexHeader != expectedIndexHeader: print('Unexpected new http header: ' + signatureIndexHeader) print('Should be: ' + expectedIndexHeader) - if signatureIndexHeader.strip() != expectedIndexHeader: - print('stripped match') assert signatureIndexHeader == expectedIndexHeader assert signatureHeader == \ 'sig1=:LQU1PcJILSp1Q30GWINusfftYYKfTtam7InSu2c+ZzfGC' + \ From 9176e3d146350b1521a34671a4636377e68c30bd Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 4 Apr 2021 21:47:02 +0100 Subject: [PATCH 3/5] Extraneous prints --- tests.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/tests.py b/tests.py index 46d513f90..d1973d360 100644 --- a/tests.py +++ b/tests.py @@ -3416,8 +3416,6 @@ def testSpeakerReplaceLinks(): 'how-to-help-running-snowflake/' detectedLinks = [] result = speakerReplaceLinks(text, {'Linked': 'Web link'}, detectedLinks) - print(result) - print(str(detectedLinks)) assert len(detectedLinks) == 1 assert detectedLinks[0] == \ 'https://support.torproject.org/censorship/' + \ From 6dc3e515502816a16961529ae0f4de77f25cddd5 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 4 Apr 2021 21:52:56 +0100 Subject: [PATCH 4/5] strip --- tests.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests.py b/tests.py index d1973d360..40f7a6907 100644 --- a/tests.py +++ b/tests.py @@ -271,6 +271,7 @@ def testHttpSigNew(): 'alg=hs2019; created=' + str(secondsSinceEpoch) + '; ' + \ 'sig1=(*request-target, *created, host, date, ' + \ 'digest, content-type, content-length)' + signatureIndexHeader = signatureIndexHeader.strip() if signatureIndexHeader != expectedIndexHeader: print('Unexpected new http header: ' + signatureIndexHeader) print('Should be: ' + expectedIndexHeader) From 10492581ff4bb24b2e91e2363163eb242a3caf77 Mon Sep 17 00:00:00 2001 From: Bob Mottram Date: Sun, 4 Apr 2021 22:30:26 +0100 Subject: [PATCH 5/5] Fix new http signature test --- httpsig.py | 7 +++---- tests.py | 23 ++++++++++------------- 2 files changed, 13 insertions(+), 17 deletions(-) diff --git a/httpsig.py b/httpsig.py index 07fe4c449..f11e07203 100644 --- a/httpsig.py +++ b/httpsig.py @@ -18,7 +18,6 @@ from cryptography.hazmat.primitives.serialization import load_pem_public_key from cryptography.hazmat.primitives.asymmetric import padding from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.asymmetric import utils as hazutils -import calendar import base64 from time import gmtime, strftime import datetime @@ -120,11 +119,11 @@ def signPostHeadersNew(dateStr: str, privateKeyPem: str, timeFormat = "%a, %d %b %Y %H:%M:%S %Z" if not dateStr: currTime = gmtime() - secondsSinceEpoch = int(calendar.timegm(currTime)) dateStr = strftime(timeFormat, currTime) else: currTime = datetime.datetime.strptime(dateStr, timeFormat) - secondsSinceEpoch = int(currTime.timestamp()) + secondsSinceEpoch = \ + int((currTime - datetime.datetime(1970, 1, 1)).total_seconds()) keyID = httpPrefix + '://' + domain + '/users/' + nickname + '#main-key' if not messageBodyJsonStr: headers = { @@ -180,7 +179,7 @@ def signPostHeadersNew(dateStr: str, privateKeyPem: str, } signatureHeader = '; '.join( [f'{k}=:{v}:' for k, v in signatureDict.items()]) - return signatureIndexHeader.strip(), signatureHeader + return signatureIndexHeader, signatureHeader def createSignedHeader(privateKeyPem: str, nickname: str, diff --git a/tests.py b/tests.py index 40f7a6907..ddbe4f247 100644 --- a/tests.py +++ b/tests.py @@ -224,7 +224,7 @@ def testHttpSigNew(): # "Signature": sig # } dateStr = "Tue, 07 Jun 2014 20:51:35 GMT" - secondsSinceEpoch = 1402170695 + secondsSinceEpoch = 1402174295 domain = "example.com" port = 443 headers = { @@ -242,14 +242,12 @@ def testHttpSigNew(): debug = False assert verifyPostHeaders(httpPrefix, publicKeyPem, headers, boxpath, False, None, - messageBodyJsonStr, debug, - True) + messageBodyJsonStr, debug, True) # make a deliberate mistake headers['Signature'] = headers['Signature'].replace('V', 'B') assert not verifyPostHeaders(httpPrefix, publicKeyPem, headers, boxpath, False, None, - messageBodyJsonStr, debug, - True) + messageBodyJsonStr, debug, True) # test signing bodyDigest = messageContentDigest(messageBodyJsonStr) contentLength = len(messageBodyJsonStr) @@ -271,19 +269,18 @@ def testHttpSigNew(): 'alg=hs2019; created=' + str(secondsSinceEpoch) + '; ' + \ 'sig1=(*request-target, *created, host, date, ' + \ 'digest, content-type, content-length)' - signatureIndexHeader = signatureIndexHeader.strip() if signatureIndexHeader != expectedIndexHeader: print('Unexpected new http header: ' + signatureIndexHeader) print('Should be: ' + expectedIndexHeader) assert signatureIndexHeader == expectedIndexHeader assert signatureHeader == \ - 'sig1=:LQU1PcJILSp1Q30GWINusfftYYKfTtam7InSu2c+ZzfGC' + \ - 'bTSevRgifZFuG2asFi8ubG/uUVHiBwIxxIz1u/JyWC3lYIFgjQF' + \ - 'RFM6As2b/ytnMA0LQhNebvk05iUNsz5izSoNTp5h9J7+roWkl6l' + \ - '8d5EA7vPMTQTJZnyU1cXBlvP1MtuVAKR6MbB3Aa/iZ4XOeaNK5E' + \ - '1VuPfNFrdnizIELE3nGVoVqNNImgMY3DWhtF3vvezrcT0J2vNGZ' + \ - 'cvhBfgn/xeAsNxz67SIHMgiXvLL6TFqEI1en9dl9A3ihB6ZO6+W' + \ - 'gUoW7OobZNlPxAUkQCc2A6oVjCYOdpKdrMAXQp2TQQ==:' + 'sig1=:euX3O1KSTYXN9/oR2qFezswWm9FbrjtRymK7xBpXNQvTs' + \ + 'XehtrNdD8nELZKzPXMvMz7PaJd6V+fjzpHoZ9upTdqqQLK2Iwml' + \ + 'p4BlHqW6Aopd7sZFCWFq7/Amm5oaizpp3e0jb5XISS5m3cRKuoi' + \ + 'LM0x+OudmAoYGi0TEEJk8bpnJAXfVCDfmOyL3XNqQeShQHeOANG' + \ + 'okiKktj8ff+KLYLaPTAJkob1k/EhoPIkbw/YzAY8IZjWQNMkf+F' + \ + 'JChApQ5HnDCQPwD5xV9eGzBpAf6D0G19xiTmQye4Hn6tAs3fy3V' + \ + '/aYa/GhW2pSrctDnAKIi4imj9joppr3CB8gqgXZOPQ==:' def _testHttpsigBase(withDigest):