Migrate to PyNaCl

2022-12-20 15:37:10 +03:00
parent 5da81f7a04
commit 30b137de3a
3 changed files with 8 additions and 7 deletions
--- a/vue-apps-py/src/vue_apps_py/server.py
+++ b/vue-apps-py/src/vue_apps_py/server.py
@@ -28,7 +28,7 @@ def VueApp(client_api: ClientAPI,
        body_to_verify = await request.body()
        timestamp = request.headers['X-Signature-Timestamp'].encode('utf-8')
        signature = request.headers['X-Signature-Ed25519'].encode('utf-8')
-        if not security_helper.is_valid(timestamp + body_to_verify, signature):
+        if not security_helper.is_valid(timestamped_body=timestamp + body_to_verify, signature=signature):
            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail='Verification of signature failed')

    @app.post(path='/ping', response_model=PongModel)
--- a/vue-apps-py/src/vue_apps_py/server_utils/security.py
+++ b/vue-apps-py/src/vue_apps_py/server_utils/security.py
@@ -1,15 +1,16 @@
-from ed25519.keys import VerifyingKey
+from nacl.encoding import Base64Encoder
+from nacl.signing import VerifyKey


 class SecurityHelper:
-    public_key: VerifyingKey
+    public_key: VerifyKey

    def __init__(self, public_key: str):
-        self.public_key = VerifyingKey(public_key.encode(), encoding='base64')
+        self.public_key = VerifyKey(public_key.encode(), encoder=Base64Encoder)

-    def is_valid(self, http: bytes, signature: bytes) -> bool:
+    def is_valid(self, timestamped_body: bytes, signature: bytes) -> bool:
        try:
-            self.public_key.verify(signature, http, encoding='base64')
+            self.public_key.verify(timestamped_body, signature, encoder=Base64Encoder)
            return True
        except AssertionError:
            return False