From 30b137de3a5f78c33be4065629ebea45ea2c6af2 Mon Sep 17 00:00:00 2001 From: havlong Date: Tue, 20 Dec 2022 15:37:10 +0300 Subject: [PATCH] Migrate to PyNaCl --- vue-apps-py/README.MD | 2 +- vue-apps-py/src/vue_apps_py/server.py | 2 +- vue-apps-py/src/vue_apps_py/server_utils/security.py | 11 ++++++----- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/vue-apps-py/README.MD b/vue-apps-py/README.MD index 546463e..e4f4fd5 100644 --- a/vue-apps-py/README.MD +++ b/vue-apps-py/README.MD @@ -31,7 +31,7 @@ def autocomplete_handler(query_model: AutoModel) -> SuggestionsModel: api = ClientAPI(client_id='vue-app-0', client_secret='abccf12389efab222') # Prepare Security -key_holder = SecurityHelper(public_key='abbcbbbcaksjdhf/skdjhfnnsn/sjdkfjj21234=') +key_holder = SecurityHelper(public_key='VoMMy/A7u6GnSajiZbwz0fpIPESA+oQ+b8Qi5LUMiN8=') # Define intents intents: List[Intent] = [InlineQuery(autocomplete_handler)] diff --git a/vue-apps-py/src/vue_apps_py/server.py b/vue-apps-py/src/vue_apps_py/server.py index 8c8e938..abf95d7 100644 --- a/vue-apps-py/src/vue_apps_py/server.py +++ b/vue-apps-py/src/vue_apps_py/server.py @@ -28,7 +28,7 @@ def VueApp(client_api: ClientAPI, body_to_verify = await request.body() timestamp = request.headers['X-Signature-Timestamp'].encode('utf-8') signature = request.headers['X-Signature-Ed25519'].encode('utf-8') - if not security_helper.is_valid(timestamp + body_to_verify, signature): + if not security_helper.is_valid(timestamped_body=timestamp + body_to_verify, signature=signature): raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Verification of signature failed') @app.post(path='/ping', response_model=PongModel) diff --git a/vue-apps-py/src/vue_apps_py/server_utils/security.py b/vue-apps-py/src/vue_apps_py/server_utils/security.py index 5ae13d4..0c1dd91 100644 --- a/vue-apps-py/src/vue_apps_py/server_utils/security.py +++ b/vue-apps-py/src/vue_apps_py/server_utils/security.py @@ -1,15 +1,16 @@ -from ed25519.keys import VerifyingKey +from nacl.encoding import Base64Encoder +from nacl.signing import VerifyKey class SecurityHelper: - public_key: VerifyingKey + public_key: VerifyKey def __init__(self, public_key: str): - self.public_key = VerifyingKey(public_key.encode(), encoding='base64') + self.public_key = VerifyKey(public_key.encode(), encoder=Base64Encoder) - def is_valid(self, http: bytes, signature: bytes) -> bool: + def is_valid(self, timestamped_body: bytes, signature: bytes) -> bool: try: - self.public_key.verify(signature, http, encoding='base64') + self.public_key.verify(timestamped_body, signature, encoder=Base64Encoder) return True except AssertionError: return False