Check for signature without header

2021-01-03 19:08:39 +00:00 · 2021-01-03 19:08:39 +00:00 · a8906b25d7
parent 5a327d281e
commit a8906b25d7
2 changed files with 18 additions and 16 deletions
--- a/inbox.py
+++ b/inbox.py
@ -2710,19 +2710,17 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int,
           queueJson['original'].get('signature'):
            # use the original json message received, not one which may have
            # been modified along the way
-            print('inbox signature: ' + str(pubKey))
-            print('inbox signature: ' + str(queueJson['original']))
-#            if not jsonldVerify(queueJson['original'], pubKey):
-#                print('WARN: jsonld inbox signature check failed ' +
-#                      keyId + ' ' + pubKey + ' ' +
-#                      str(queueJson['original']))
-#                if os.path.isfile(queueFilename):
-#                    os.remove(queueFilename)
-#                if len(queue) > 0:
-#                    queue.pop(0)
-#                continue
-#            else:
-#                print('jsonld inbox signature check success')
+            if not jsonldVerify(queueJson['original'], pubKey):
+                print('WARN: jsonld inbox signature check failed ' +
+                      keyId + ' ' + pubKey + ' ' +
+                      str(queueJson['original']))
+                if os.path.isfile(queueFilename):
+                    os.remove(queueFilename)
+                if len(queue) > 0:
+                    queue.pop(0)
+                continue
+            else:
+                print('jsonld inbox signature check success')

        # set the id to the same as the post filename
        # This makes the filename and the id consistent
--- a/jsonldsig.py
+++ b/jsonldsig.py
@ -93,9 +93,13 @@ def _verifyJws(payload: {}, jwsSignature: str, publicKeyPem: str) -> bool:
    """
    Verifies a signature using the given public key
    """
-    encodedHeader, encodedSignature = jwsSignature.split(b'..')
-    signature = _b64safeDecode(encodedSignature)
-    payload = b'.'.join([encodedHeader, payload])
+    if b'..' in jwsSignature:
+        encodedHeader, encodedSignature = jwsSignature.split(b'..')
+        signature = _b64safeDecode(encodedSignature)
+        payload = b'.'.join([encodedHeader, payload])
+    else:
+        signature = _b64safeDecode(jwsSignature)
+        payload = b'.'.join([payload])
    return _verifyRs256(payload, signature, publicKeyPem)