bitbot-3.11-fork/modules/fediverse/ap_security.py

import base64, typing
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.backends import default_backend

SIGNATURE_FORMAT = (
    "keyId=\"%s\",headers=\"%s\",signature=\"%s\",algorithm=\"rsa-sha256\"")


def _private_key(key_filename: str) -> rsa.RSAPrivateKey:
    with open(key_filename) as key_file:
        return serialization.load_pem_private_key(
            key_file.read(), password=None, backend=default_backend())

class PrivateKey(object):
    def __init__(self, filename, id):
        self.key = _private_key(filename)
        self.id = id

def signature(key: PrivateKey, headers: typing.List[typing.Tuple[str, str]]
        ) -> str:
    sign_header_keys = " ".join(h[0] for h in headers)

    sign_string_parts = ["%s: %s" % (k, v) for k, v in headers]
    sign_string = "\n".join(sign_string_parts)

    signature = key.key.sign(
        sign_string.encode("utf8"),
        padding.PSS(
            mgf=padding.MGF1(hashes.SHA256()),
            salt_length=padding.PSS.MAX_LENGTH),
        hashes.SHA256()
    )

    signature = base64.b64encode(signature).decode("ascii")
    return SIGNATURE_FORMAT % (key_id, sign_header_keys, signature)
move fediverse_server to a directory module, add rough outline of toot federation 2019-09-13 10:51:39 +00:00			`import base64, typing`
			`from cryptography.hazmat.primitives import hashes, serialization`
			`from cryptography.hazmat.primitives.asymmetric import padding, rsa`
			`from cryptography.hazmat.backends import default_backend`

			`SIGNATURE_FORMAT = (`
			`"keyId=\"%s\",headers=\"%s\",signature=\"%s\",algorithm=\"rsa-sha256\"")`


re-merge fediverse an fediverse_server, so they can share utils 2019-09-15 09:43:46 +00:00			`def _private_key(key_filename: str) -> rsa.RSAPrivateKey:`
move fediverse_server to a directory module, add rough outline of toot federation 2019-09-13 10:51:39 +00:00			`with open(key_filename) as key_file:`
			`return serialization.load_pem_private_key(`
			`key_file.read(), password=None, backend=default_backend())`

re-merge fediverse an fediverse_server, so they can share utils 2019-09-15 09:43:46 +00:00			`class PrivateKey(object):`
			`def __init__(self, filename, id):`
			`self.key = _private_key(filename)`
			`self.id = id`

			`def signature(key: PrivateKey, headers: typing.List[typing.Tuple[str, str]]`
			`) -> str:`
move fediverse_server to a directory module, add rough outline of toot federation 2019-09-13 10:51:39 +00:00			`sign_header_keys = " ".join(h[0] for h in headers)`

			`sign_string_parts = ["%s: %s" % (k, v) for k, v in headers]`
			`sign_string = "\n".join(sign_string_parts)`

re-merge fediverse an fediverse_server, so they can share utils 2019-09-15 09:43:46 +00:00			`signature = key.key.sign(`
move fediverse_server to a directory module, add rough outline of toot federation 2019-09-13 10:51:39 +00:00			`sign_string.encode("utf8"),`
			`padding.PSS(`
			`mgf=padding.MGF1(hashes.SHA256()),`
			`salt_length=padding.PSS.MAX_LENGTH),`
			`hashes.SHA256()`
			`)`

			`signature = base64.b64encode(signature).decode("ascii")`
			`return SIGNATURE_FORMAT % (key_id, sign_header_keys, signature)`