forked from indymedia/epicyon
More debug
parent
127a60280f
commit
a37e401440
16
httpsig.py
16
httpsig.py
|
@ -186,7 +186,7 @@ def verifyPostHeaders(httpPrefix: str,publicKeyPem: str,headers: dict, \
|
||||||
if messageBodyDigest:
|
if messageBodyDigest:
|
||||||
bodyDigest=messageBodyDigest
|
bodyDigest=messageBodyDigest
|
||||||
else:
|
else:
|
||||||
bodyDigest = messageContentDigest(messageBodyJsonStr)
|
bodyDigest=messageContentDigest(messageBodyJsonStr)
|
||||||
signedHeaderList.append(f'digest: SHA-256={bodyDigest}')
|
signedHeaderList.append(f'digest: SHA-256={bodyDigest}')
|
||||||
#print('***************************Verify digest: SHA-256='+bodyDigest)
|
#print('***************************Verify digest: SHA-256='+bodyDigest)
|
||||||
#print('***************************Verify messageBodyJsonStr: '+messageBodyJsonStr)
|
#print('***************************Verify messageBodyJsonStr: '+messageBodyJsonStr)
|
||||||
|
@ -197,7 +197,10 @@ def verifyPostHeaders(httpPrefix: str,publicKeyPem: str,headers: dict, \
|
||||||
if debug:
|
if debug:
|
||||||
print('DEBUG: verifyPostHeaders content-length does not match '+headers[signedHeader]+' != '+str(contentLength))
|
print('DEBUG: verifyPostHeaders content-length does not match '+headers[signedHeader]+' != '+str(contentLength))
|
||||||
return False
|
return False
|
||||||
if signedHeader=='date':
|
elif debug:
|
||||||
|
print('DEBUG: verifyPostHeaders content-length matches '+headers[signedHeader])
|
||||||
|
|
||||||
|
elif signedHeader=='date':
|
||||||
if not verifyRecentSignature(headers[signedHeader]):
|
if not verifyRecentSignature(headers[signedHeader]):
|
||||||
if debug:
|
if debug:
|
||||||
print('DEBUG: verifyPostHeaders date is not recent '+headers[signedHeader])
|
print('DEBUG: verifyPostHeaders date is not recent '+headers[signedHeader])
|
||||||
|
@ -207,12 +210,15 @@ def verifyPostHeaders(httpPrefix: str,publicKeyPem: str,headers: dict, \
|
||||||
f'{signedHeader}: {headers[signedHeader]}')
|
f'{signedHeader}: {headers[signedHeader]}')
|
||||||
else:
|
else:
|
||||||
signedHeaderCap=signedHeader.capitalize()
|
signedHeaderCap=signedHeader.capitalize()
|
||||||
if signedHeaderCap=='Content-Length':
|
if signedHeader=='Content-Length':
|
||||||
|
signedHeaderCap=signedHeader
|
||||||
if int(headers[signedHeader])!=contentLength:
|
if int(headers[signedHeader])!=contentLength:
|
||||||
if debug:
|
if debug:
|
||||||
print('DEBUG: verifyPostHeaders Content-Length does not match '+headers[signedHeader]+' != '+str(contentLength))
|
print('DEBUG: verifyPostHeaders Content-Length does not match '+headers[signedHeader]+' != '+str(contentLength))
|
||||||
return False
|
return False
|
||||||
if signedHeaderCap=='Date':
|
elif debug:
|
||||||
|
print('DEBUG: verifyPostHeaders Content-Length matches '+headers[signedHeader])
|
||||||
|
elif signedHeaderCap=='Date':
|
||||||
if not verifyRecentSignature(headers[signedHeaderCap]):
|
if not verifyRecentSignature(headers[signedHeaderCap]):
|
||||||
if debug:
|
if debug:
|
||||||
print('DEBUG: verifyPostHeaders date is not recent '+headers[signedHeader])
|
print('DEBUG: verifyPostHeaders date is not recent '+headers[signedHeader])
|
||||||
|
@ -224,6 +230,8 @@ def verifyPostHeaders(httpPrefix: str,publicKeyPem: str,headers: dict, \
|
||||||
|
|
||||||
#print('***********************signedHeaderList: ')
|
#print('***********************signedHeaderList: ')
|
||||||
#pprint(signedHeaderList)
|
#pprint(signedHeaderList)
|
||||||
|
if debug:
|
||||||
|
print('DEBUG: signedHeaderList: '+str(signedHeaderList))
|
||||||
# Now we have our header data digest
|
# Now we have our header data digest
|
||||||
signedHeaderText = '\n'.join(signedHeaderList)
|
signedHeaderText = '\n'.join(signedHeaderList)
|
||||||
#print('***********************Verify: signedHeaderText: '+signedHeaderText)
|
#print('***********************Verify: signedHeaderText: '+signedHeaderText)
|
||||||
|
|
Loading…
Reference in New Issue