indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Check for signature without header

merge-requests/8/head
Bob Mottram 2021-01-03 19:08:39 +00:00
parent 5a327d281e
commit a8906b25d7
2 changed files with 18 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
inbox.py
View File

@ -2710,19 +2710,17 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
queueJson['original'].get('signature'): queueJson['original'].get('signature'):
# use the original json message received, not one which may have # use the original json message received, not one which may have
# been modified along the way # been modified along the way
print('inbox signature: ' + str(pubKey)) if not jsonldVerify(queueJson['original'], pubKey):
print('inbox signature: ' + str(queueJson['original'])) print('WARN: jsonld inbox signature check failed ' +
# if not jsonldVerify(queueJson['original'], pubKey): keyId + ' ' + pubKey + ' ' +
# print('WARN: jsonld inbox signature check failed ' + str(queueJson['original']))
# keyId + ' ' + pubKey + ' ' + if os.path.isfile(queueFilename):
# str(queueJson['original'])) os.remove(queueFilename)
# if os.path.isfile(queueFilename): if len(queue) > 0:
# os.remove(queueFilename) queue.pop(0)
# if len(queue) > 0: continue
# queue.pop(0) else:
# continue print('jsonld inbox signature check success')
# else:
# print('jsonld inbox signature check success')
# set the id to the same as the post filename # set the id to the same as the post filename
# This makes the filename and the id consistent # This makes the filename and the id consistent

10
jsonldsig.py
View File

@ -93,9 +93,13 @@ def _verifyJws(payload: {}, jwsSignature: str, publicKeyPem: str) -> bool:
""" """
Verifies a signature using the given public key Verifies a signature using the given public key
""" """
encodedHeader, encodedSignature = jwsSignature.split(b'..') if b'..' in jwsSignature:
signature = _b64safeDecode(encodedSignature) encodedHeader, encodedSignature = jwsSignature.split(b'..')
payload = b'.'.join([encodedHeader, payload]) signature = _b64safeDecode(encodedSignature)
payload = b'.'.join([encodedHeader, payload])
else:
signature = _b64safeDecode(jwsSignature)
payload = b'.'.join([payload])
return _verifyRs256(payload, signature, publicKeyPem) return _verifyRs256(payload, signature, publicKeyPem)