From 33ffd5f976b0c18de7d3be41d019bb9ae96ebb12 Mon Sep 17 00:00:00 2001 From: SouthFox Date: Mon, 19 Jun 2023 17:46:10 +0800 Subject: [PATCH] [test] add signature verify test --- tests/test_inbox.py | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/tests/test_inbox.py b/tests/test_inbox.py index 30b350a..5bb3f28 100644 --- a/tests/test_inbox.py +++ b/tests/test_inbox.py @@ -1,8 +1,31 @@ #!/usr/bin/env python3 """Test inbox route.""" + def test_inbox_no_signature_key(client): """Test inbox""" response = client.post("/inbox", data={"name": "Test"}) assert response.status_code == 401 + + +def test_inbox_signature_verify(): + from demo.httpsig import HttpSignature + + sig_str = """(request-target): post /inbox +user-agent: Fediverse Application +host: 127.0.0.1:5000 +date: Tue, 22 Feb 2022 00:00:00 GMT +digest: SHA-256=pYx72lX8cxrG48M5a2YUZu1XsbfdI6bDm2QBnY3/ABo= +content-type: application/activity+json""" + sig_header = 'keyId="http://127.0.0.1:8000#main-key",algorithm="rsa-sha256",headers="(request-target) user-agent host date digest content-type",signature="MxSPaNM2S1BnWlMVe0tPaTj4Z8nBSXHu5hvaQfN+Qo+LFVC8T/H8pLvE1DLxAE6IXyRg5xTkams9DS+O7GjEKotHoJuQxtpT5LzNzgliX3xyHd39Jy0jr2JOJmnlAPnUUeQDab3fkEWUkQROhcnL6rGOAGTasuie6Fhy+rNTcVh4HwkXt9uj321sa7kd0cWpsgtxzQyQ/2NRpfgxM9bEZCzddUVIIH1xng57GUiknkaDLhvn4OXWAgwh421i2AATB8eOGuOvR+LNmDofkK6HzWqru7W5cwzCOifCulJPAEN6rAhKOPbP76vKbaPlWcmsEgEOl8RLMjK2YjyWPupSCg==' + sig_header = HttpSignature.parse_signature(sig_header) + pub_key = """-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTsTLCVt+jGSaVO6c+iW\nqOXsO45vB31twWzpDYg0yWcwX6u3sjc3ZyfmzJrmD8/x0xqBEpt2e9eUWzXsbOej\nmG8lBo0z5a7FLbui+MWH2ZwIPdjtbV/dhsWREfhBw5QAuPWM2dOmyJzyI1WOIfiy\n9bOO8ZYdMeBx/D8fPDk3LRHF6l5RmzQmCkcQdF1zAI4d4HmxIoUnhc9CsFBMLxb6\nI6TSswT+GAWF5jM11Yva5Fm8aaV444vk7wobG17g2BLCr2qmRQb7KT0vvVCoakUV\nTNE56Bh6aTEa/64xT6+vuX/Vk7IauetI9z0FlR8n2I1VONTi37DgAJUhMljDe+Z4\nwwIDAQAB\n-----END PUBLIC KEY-----""" + + is_verify = HttpSignature.verify_signature( + sig_str, + sig_header["signature"], + pub_key, + ) + + assert is_verify == True