diff --git a/inbox.py b/inbox.py index db29ffb9..7159b8b4 100644 --- a/inbox.py +++ b/inbox.py @@ -2710,19 +2710,17 @@ def runInboxQueue(recentPostsCache: {}, maxRecentPosts: int, queueJson['original'].get('signature'): # use the original json message received, not one which may have # been modified along the way - print('inbox signature: ' + str(pubKey)) - print('inbox signature: ' + str(queueJson['original'])) -# if not jsonldVerify(queueJson['original'], pubKey): -# print('WARN: jsonld inbox signature check failed ' + -# keyId + ' ' + pubKey + ' ' + -# str(queueJson['original'])) -# if os.path.isfile(queueFilename): -# os.remove(queueFilename) -# if len(queue) > 0: -# queue.pop(0) -# continue -# else: -# print('jsonld inbox signature check success') + if not jsonldVerify(queueJson['original'], pubKey): + print('WARN: jsonld inbox signature check failed ' + + keyId + ' ' + pubKey + ' ' + + str(queueJson['original'])) + if os.path.isfile(queueFilename): + os.remove(queueFilename) + if len(queue) > 0: + queue.pop(0) + continue + else: + print('jsonld inbox signature check success') # set the id to the same as the post filename # This makes the filename and the id consistent diff --git a/jsonldsig.py b/jsonldsig.py index df7e93a5..87e41622 100644 --- a/jsonldsig.py +++ b/jsonldsig.py @@ -93,9 +93,13 @@ def _verifyJws(payload: {}, jwsSignature: str, publicKeyPem: str) -> bool: """ Verifies a signature using the given public key """ - encodedHeader, encodedSignature = jwsSignature.split(b'..') - signature = _b64safeDecode(encodedSignature) - payload = b'.'.join([encodedHeader, payload]) + if b'..' in jwsSignature: + encodedHeader, encodedSignature = jwsSignature.split(b'..') + signature = _b64safeDecode(encodedSignature) + payload = b'.'.join([encodedHeader, payload]) + else: + signature = _b64safeDecode(jwsSignature) + payload = b'.'.join([payload]) return _verifyRs256(payload, signature, publicKeyPem)