From 6aa1cc8389f819a01d8c107e1b1ca1dbc6913fc1 Mon Sep 17 00:00:00 2001
From: Bob Mottram
Date: Sun, 3 Jan 2021 19:20:28 +0000
Subject: [PATCH] Extra json signature checks
---
 inbox.py | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/inbox.py b/inbox.py
index 7b1eaac0..59987d7c 100644
--- a/inbox.py
+++ b/inbox.py
@@ -2706,8 +2706,16 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
 print('DEBUG: http header signature check success')
 # check json signature
+ checkJsonSignature = False
 if queueJson['original'].get('@context') and \
 queueJson['original'].get('signature'):
+ if isinstance(queueJson['original']['signature'], dict):
+ if queueJson['original']['signature'].get('type') and \
+ queueJson['original']['signature'].get('signatureValue'):
+ if queueJson['original']['signature']['type'] == \
+ 'RsaSignature2017':
+ checkJsonSignature = True
+ if checkJsonSignature:
 # use the original json message received, not one which may have
 # been modified along the way
 if not jsonldVerify(queueJson['original'], pubKey):
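Review bot: A message whose `signature` is present but is not a dict, lacks `signatureValue`, or has a `type` other than `'RsaSignature2017'` now leaves `checkJsonSignature` False, so `jsonldVerify` is never called for it; the new guard fails open rather than closed. What happens to such a message afterwards is outside the hunk (runInboxQueue starts before it and continues after it), but it appears to proceed on the HTTP header signature alone, which would let the sender decide whether the JSON-LD check runs by choosing the `type` value. If skipping is intended, make it explicit and observable by adding `elif queueJson['original'].get('signature'):` after the `if checkJsonSignature:` block, with `print('DEBUG: json signature present but unsupported or malformed, not verified')`; if a malformed signature should be refused, that branch is where to drop the queue item. The three nested `if`s would also read more clearly as one condition on a local `sig = queueJson['original']['signature']`.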