mirror of https://gitlab.com/bashrc2/epicyon
				
				
				
			Include a nonce within Json-LD signatures
							parent
							
								
									4f3f3643a9
								
							
						
					
					
						commit
						e6d02454fc
					
				|  | @ -9,6 +9,7 @@ __email__ = "bob@libreserver.org" | ||||||
| __status__ = "Production" | __status__ = "Production" | ||||||
| __module_group__ = "Security" | __module_group__ = "Security" | ||||||
| 
 | 
 | ||||||
|  | import random | ||||||
| import base64 | import base64 | ||||||
| import hashlib | import hashlib | ||||||
| from datetime import datetime | from datetime import datetime | ||||||
|  | @ -100,6 +101,7 @@ def generate_json_signature(doc: {}, private_key_pem: str) -> None: | ||||||
|         return |         return | ||||||
|     options = { |     options = { | ||||||
|         "type": "RsaSignature2017", |         "type": "RsaSignature2017", | ||||||
|  |         "nonce": '%030x' % random.randrange(16**64), | ||||||
|         "creator": doc["actor"] + "#main-key", |         "creator": doc["actor"] + "#main-key", | ||||||
|         "created": datetime.utcnow().replace(microsecond=0).isoformat() + "Z", |         "created": datetime.utcnow().replace(microsecond=0).isoformat() + "Z", | ||||||
|     } |     } | ||||||
|  |  | ||||||
							
								
								
									
										3
									
								
								tests.py
								
								
								
								
							
							
						
						
									
										3
									
								
								tests.py
								
								
								
								
							|  | @ -3880,9 +3880,9 @@ def _test_jsonld(): | ||||||
|     assert signed_document |     assert signed_document | ||||||
|     assert signed_document.get('signature') |     assert signed_document.get('signature') | ||||||
|     assert signed_document['signature'].get('signatureValue') |     assert signed_document['signature'].get('signatureValue') | ||||||
|  |     assert signed_document['signature'].get('nonce') | ||||||
|     assert signed_document['signature'].get('type') |     assert signed_document['signature'].get('type') | ||||||
|     assert len(signed_document['signature']['signatureValue']) > 50 |     assert len(signed_document['signature']['signatureValue']) > 50 | ||||||
|     # print str(signed_document['signature']) |  | ||||||
|     assert signed_document['signature']['type'] == 'RsaSignature2017' |     assert signed_document['signature']['type'] == 'RsaSignature2017' | ||||||
|     assert verify_json_signature(signed_document, public_key_pem) |     assert verify_json_signature(signed_document, public_key_pem) | ||||||
| 
 | 
 | ||||||
|  | @ -3912,6 +3912,7 @@ def _test_jsonld(): | ||||||
|     assert len(str(signed_document['signature']['signatureValue'])) > 340 |     assert len(str(signed_document['signature']['signatureValue'])) > 340 | ||||||
|     assert (signed_document['signature']['signatureValue'] != |     assert (signed_document['signature']['signatureValue'] != | ||||||
|             signed_document2['signature']['signatureValue']) |             signed_document2['signature']['signatureValue']) | ||||||
|  |     print('json-ld tests passed') | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| def _test_site_active(): | def _test_site_active(): | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue