another attempt
This commit is contained in:
parent
d578e42c96
commit
8dfe48e81c
88
basic_ap.py
88
basic_ap.py
@ -27,7 +27,7 @@ from time import strftime, gmtime
|
||||
|
||||
|
||||
from Crypto.Hash import SHA256
|
||||
from Crypto.Signature import PKCS1_v1_5
|
||||
from Crypto.Signature import pkcs1_15
|
||||
from Crypto.PublicKey import RSA
|
||||
|
||||
#
|
||||
@ -64,44 +64,70 @@ public_key() #generate public_key on first launch
|
||||
def build_signing_string(headers, header_values):
|
||||
return '\n'.join(map(lambda x: ': '.join([x.lower(), headers[x]]), header_values))
|
||||
|
||||
def sign_header(private_key, key_id, host):
|
||||
def messageContentDigest(messageBodyJsonStr: str) -> str:
|
||||
msg = messageBodyJsonStr.encode('utf-8')
|
||||
digestStr = SHA256.new(msg).digest()
|
||||
return base64.b64encode(digestStr).decode('utf-8')
|
||||
|
||||
|
||||
|
||||
def sign_header(private_key, keyID, host, messageBodyJsonStr):
|
||||
"""
|
||||
Sign HTTP headers
|
||||
"""
|
||||
date = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime()) #RFC1123 Time format
|
||||
date = strftime("%a, %d %b %Y %H:%M:%S %Z", gmtime()) #RFC1123 Time format
|
||||
|
||||
#Based on https://github.com/autogestion/pubgate/
|
||||
#Based on https://code.freedombone.net/bashrc/epicyon/src/main/httpsig.py
|
||||
keyfile = open(private_key,'rb').read()
|
||||
secret = RSA.import_key(keyfile)
|
||||
signer = PKCS1_v1_5.new(secret)
|
||||
|
||||
|
||||
headers = { 'request-target': 'post /inbox',
|
||||
'host': host, #this is the destination host
|
||||
'date': date,
|
||||
}
|
||||
sigheaders = headers.keys()
|
||||
|
||||
sigstring = build_signing_string(headers, sigheaders)
|
||||
print(sigstring
|
||||
)
|
||||
digest = SHA256.new()
|
||||
digest.update(sigstring.encode('ascii'))
|
||||
sigdata = base64.b64encode(signer.sign(digest))
|
||||
|
||||
sig = {
|
||||
'keyId': key_id,
|
||||
'algorithm': 'rsa-sha256',
|
||||
'headers': ' '.join(sigheaders),
|
||||
'signature': sigdata.decode('ascii')
|
||||
}
|
||||
bodyDigest = messageContentDigest(messageBodyJsonStr)
|
||||
contentLength = len(messageBodyJsonStr)
|
||||
print(contentLength)
|
||||
|
||||
headers["signature"] = ','.join(['{}="{}"'.format(k, v) for k, v in sig.items()])
|
||||
path = '/inbox'
|
||||
|
||||
headers = {
|
||||
'(request-target)': f'post {path}',
|
||||
'host': host,
|
||||
'date': date,
|
||||
'digest': f'SHA-256={bodyDigest}',
|
||||
'content-type': 'application/json',
|
||||
'content-length': str(contentLength)
|
||||
}
|
||||
|
||||
|
||||
signedHeaderKeys = headers.keys()
|
||||
signedHeaderText = ''
|
||||
|
||||
for headerKey in signedHeaderKeys:
|
||||
signedHeaderText += f'{headerKey}: {headers[headerKey]}\n'
|
||||
|
||||
signedHeaderText = signedHeaderText.strip()
|
||||
headerDigest = SHA256.new(signedHeaderText.encode('ascii'))
|
||||
|
||||
# Sign the digest
|
||||
rawSignature = pkcs1_15.new(secret).sign(headerDigest)
|
||||
signature = base64.b64encode(rawSignature).decode('ascii')
|
||||
|
||||
# Put it into a valid HTTP signature format
|
||||
signatureDict = {
|
||||
'keyId': keyID,
|
||||
'algorithm': 'rsa-sha256',
|
||||
'headers': ' '.join(signedHeaderKeys),
|
||||
'signature': signature
|
||||
}
|
||||
signatureHeader = ','.join(
|
||||
[f'{k}="{v}"' for k, v in signatureDict.items()])
|
||||
|
||||
|
||||
headers['signature'] = signatureHeader
|
||||
|
||||
return headers
|
||||
|
||||
|
||||
|
||||
|
||||
#Flask
|
||||
app = flask.Flask(__name__)
|
||||
|
||||
@ -138,11 +164,13 @@ def profile(actor):
|
||||
@app.route('/post/', methods=['POST','GET'])
|
||||
def post():
|
||||
date = strftime("%a, %d %b %Y %H:%M:%S GMT", gmtime())
|
||||
activity=json.loads(flask.render_template('create.json',
|
||||
domain=DOMAIN,public_key=public_key(),actor=USERNAME,host='DOMAIN', date=date))
|
||||
signed_headers = sign_header('private.pem', DOMAIN+'/users/'+USERNAME+'#main-key','https://post.lurk.org')
|
||||
|
||||
r = requests.post('https://post.lurk.org/inbox', json=activity, headers=signed_headers)
|
||||
json_message=json.loads(flask.render_template('create.json',
|
||||
domain=DOMAIN,public_key=public_key(),actor=USERNAME,host='DOMAIN', date=date))
|
||||
|
||||
signed_headers = sign_header('private.pem', DOMAIN+'/users/'+USERNAME+'#main-key','https://post.lurk.org', json.dumps(json_message))
|
||||
|
||||
r = requests.post('https://post.lurk.org/inbox', json=json_message, headers=signed_headers)
|
||||
|
||||
a = (r.status_code, r.text, r.headers)
|
||||
a = str(a)
|
||||
|
Loading…
Reference in New Issue
Block a user