Don't use urlsafe encode/decode methods when signing Diaspora relayables

2017-05-02 21:11:38 +03:00 · 2017-05-02 21:11:38 +03:00 · 906c1e8651
commit 906c1e8651
--- a/federation/protocols/diaspora/signatures.py
+++ b/federation/protocols/diaspora/signatures.py
@ -1,4 +1,4 @@
-from base64 import urlsafe_b64decode, urlsafe_b64encode
+from base64 import b64decode, b64encode

 from Crypto.Hash import SHA256
 from Crypto.PublicKey import RSA
@ -21,10 +21,10 @@ def verify_relayable_signature(public_key, doc, signature):
    """
    sig_hash = _create_signature_hash(doc)
    cipher = PKCS1_v1_5.new(RSA.importKey(public_key))
-    return cipher.verify(sig_hash, urlsafe_b64decode(signature))
+    return cipher.verify(sig_hash, b64decode(signature))


 def create_relayable_signature(private_key, doc):
    sig_hash = _create_signature_hash(doc)
    cipher = PKCS1_v1_5.new(private_key)
-    return urlsafe_b64encode(cipher.sign(sig_hash)).decode("ascii")
+    return b64encode(cipher.sign(sig_hash)).decode("ascii")
--- a/federation/tests/entities/diaspora/test_entities.py
+++ b/federation/tests/entities/diaspora/test_entities.py
@ -116,20 +116,20 @@ class TestDiasporaRelayableEntitySigning():
            raw_content="raw_content", guid="guid", target_guid="target_guid", handle="handle",
        )
        entity.sign(get_dummy_private_key())
-        assert entity.signature == "f3wkKDEhlT8zThEfaBcuKs4s0MbbWm9XPyx2ivrAg3jBtXQ6lXm5mgi9buwm-QyzxAGnk5Zth6HrYYB-" \
-                                   "NoieyoR4j54ryyPMB0gHwUO05tzjAMpvLyDlOyxLYFIl302ib2In9LJ5wa15VaEm9DW2-1WlCK72FonO" \
-                                   "oGx0qXDUc-NRn4s_UXBPNgM_Xsz3466AM1y98rUowHnpa0bxDjKcf7HMy4zuJ7XcsJAlofUHXCMX9TOm" \
-                                   "SBIwF5MlCkFL28R2cRAzJgNOBLw-a8arfi613bqo1Xq26-2PuFF0ng_OVOQOVFsO60H5wi_49FREWYdG" \
+        assert entity.signature == "f3wkKDEhlT8zThEfaBcuKs4s0MbbWm9XPyx2ivrAg3jBtXQ6lXm5mgi9buwm+QyzxAGnk5Zth6HrYYB+" \
+                                   "NoieyoR4j54ryyPMB0gHwUO05tzjAMpvLyDlOyxLYFIl302ib2In9LJ5wa15VaEm9DW2+1WlCK72FonO" \
+                                   "oGx0qXDUc+NRn4s/UXBPNgM/Xsz3466AM1y98rUowHnpa0bxDjKcf7HMy4zuJ7XcsJAlofUHXCMX9TOm" \
+                                   "SBIwF5MlCkFL28R2cRAzJgNOBLw+a8arfi613bqo1Xq26+2PuFF0ng/OVOQOVFsO60H5wi/49FREWYdG" \
                                   "ZdmHltxf76yWG6R1Zqpvag=="

    def test_signing_like_works(self):
        entity = DiasporaLike(guid="guid", target_guid="target_guid", handle="handle")
        entity.sign(get_dummy_private_key())
-        assert entity.signature == "apkcOn6marHfo0rHiOnQq-qqspxxWOJNklQKQjoJUHmXDNRnBp8aPoLKqVOznsTEpEIhM1p5_8mPilgY" \
-                                   "yVFHepi_m744DFQByx7hVkMhGFiZWtJx1tTWSl1d7H85FTlE0DyPwiRYVTrG3vQD3Dr-b08WiOEzG-ii" \
-                                   "Q0t-vWGl8cgSS0_34mvvqX-HKUdmun2vQ50bPckNLoj3hDI6HcmZ8qFf_xx8y1BbE0zx5rTo7yOlWq8Y" \
-                                   "sC28oRHqHpIzOfhkIHyt-hOjO_mpuZLd7qOPfIySnGW6hM1iKewoJVDuVMN5w5VB46ETRum8JpvTQO8i" \
-                                   "DPB-ZqbqcEasfm2CQIxVLA=="
+        assert entity.signature == "apkcOn6marHfo0rHiOnQq+qqspxxWOJNklQKQjoJUHmXDNRnBp8aPoLKqVOznsTEpEIhM1p5/8mPilgY" \
+                                   "yVFHepi/m744DFQByx7hVkMhGFiZWtJx1tTWSl1d7H85FTlE0DyPwiRYVTrG3vQD3Dr+b08WiOEzG+ii" \
+                                   "Q0t+vWGl8cgSS0/34mvvqX+HKUdmun2vQ50bPckNLoj3hDI6HcmZ8qFf/xx8y1BbE0zx5rTo7yOlWq8Y" \
+                                   "sC28oRHqHpIzOfhkIHyt+hOjO/mpuZLd7qOPfIySnGW6hM1iKewoJVDuVMN5w5VB46ETRum8JpvTQO8i" \
+                                   "DPB+ZqbqcEasfm2CQIxVLA=="


 class TestDiasporaRelayableEntityValidate():
--- a/federation/tests/protocols/diaspora/test_signatures.py
+++ b/federation/tests/protocols/diaspora/test_signatures.py
@ -14,10 +14,10 @@ SIGNATURE = "A/vVRxM3V1ceEH1JrnPOaIZGM3gMjw/fnT9TgUh3poI4q9eH95AIoig+3eTA8XFuGvu
            "qNofGkusuzZnCd0VObOpXizrI8xNQzZpjJEB5QqE2gbCC2YZNdOS0eBGXw42dAXa/QV3jZXGES7DdQlqPqqT3YjcMFLiRrWQR8cl4h" \
            "JIBRpV5piGyLmMMKYrWu7hQSrdRAEL3K6mNZZU6/yoG879LjtQbVwaFGPeT29B4zBE97FIo="

-SIGNATURE2 = "hVdLwsWXe6yVy88m9H1903-Bj_DjSGsYL-ZIpEz-G6u_aVx6QfsvnWHzasjqN8SU-brHfL0c8KrapWcACO-jyCuXlHMZb9zKmJkHR" \
-             "FSOiprCJ3tqNpv_4MIa9CXu0YDqnLHBSyxS01luKw3EqgpWPQdYcqDpOkjjTOq45dQC0PGHA_DXjP7LBptV9AwW200LIcL5Li8tDU" \
-             "a8VSQybspDDfDpXU3-Xl5tJIBVS4ercPczp5B39Cwne4q2gyj_Y5RdIoX5RMqmFhfucw1he38T1oRC9AHTJqj4CBcDt7gc6jPHuzk" \
-             "N7u1eUf0IK3-KTDKsCkkoHcGaoxT-NeWcS8Ki1A=="
+SIGNATURE2 = "hVdLwsWXe6yVy88m9H1903+Bj/DjSGsYL+ZIpEz+G6u/aVx6QfsvnWHzasjqN8SU+brHfL0c8KrapWcACO+jyCuXlHMZb9zKmJkHR" \
+             "FSOiprCJ3tqNpv/4MIa9CXu0YDqnLHBSyxS01luKw3EqgpWPQdYcqDpOkjjTOq45dQC0PGHA/DXjP7LBptV9AwW200LIcL5Li8tDU" \
+             "a8VSQybspDDfDpXU3+Xl5tJIBVS4ercPczp5B39Cwne4q2gyj/Y5RdIoX5RMqmFhfucw1he38T1oRC9AHTJqj4CBcDt7gc6jPHuzk" \
+             "N7u1eUf0IK3+KTDKsCkkoHcGaoxT+NeWcS8Ki1A=="

 PUBKEY = "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuCfU1G5X+3O6vPdSz6QY\nSFbgdbv3KPv" \
         "xHi8tRmlyOLdLt5i1eqsy2WCW1iYNijiCL7OfbrvymBQxe3GA9S64\nVuavwzQ8nO7nzpNMqxY5tBXsBM1lECCHDOvm5dzINXWT9Sg7P1" \