indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Include a nonce within Json-LD signatures

main
Bob Mottram 2022-05-10 17:02:36 +01:00
parent 4f3f3643a9
commit e6d02454fc
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
linked_data_sig.py
View File

@ -9,6 +9,7 @@ __email__ = "bob@libreserver.org"
__status__ = "Production" __status__ = "Production"
__module_group__ = "Security" __module_group__ = "Security"
import random
import base64 import base64
import hashlib import hashlib
from datetime import datetime from datetime import datetime
@ -100,6 +101,7 @@ def generate_json_signature(doc: {}, private_key_pem: str) -> None:
return return
options = { options = {
"type": "RsaSignature2017", "type": "RsaSignature2017",
"nonce": '%030x' % random.randrange(16**64),
"creator": doc["actor"] + "#main-key", "creator": doc["actor"] + "#main-key",
"created": datetime.utcnow().replace(microsecond=0).isoformat() + "Z", "created": datetime.utcnow().replace(microsecond=0).isoformat() + "Z",
} }

3
tests.py
View File

@ -3880,9 +3880,9 @@ def _test_jsonld():
assert signed_document assert signed_document
assert signed_document.get('signature') assert signed_document.get('signature')
assert signed_document['signature'].get('signatureValue') assert signed_document['signature'].get('signatureValue')
assert signed_document['signature'].get('nonce')
assert signed_document['signature'].get('type') assert signed_document['signature'].get('type')
assert len(signed_document['signature']['signatureValue']) > 50 assert len(signed_document['signature']['signatureValue']) > 50
# print str(signed_document['signature'])
assert signed_document['signature']['type'] == 'RsaSignature2017' assert signed_document['signature']['type'] == 'RsaSignature2017'
assert verify_json_signature(signed_document, public_key_pem) assert verify_json_signature(signed_document, public_key_pem)
@ -3912,6 +3912,7 @@ def _test_jsonld():
assert len(str(signed_document['signature']['signatureValue'])) > 340 assert len(str(signed_document['signature']['signatureValue'])) > 340
assert (signed_document['signature']['signatureValue'] != assert (signed_document['signature']['signatureValue'] !=
signed_document2['signature']['signatureValue']) signed_document2['signature']['signatureValue'])
print('json-ld tests passed')
def _test_site_active(): def _test_site_active():