aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulio Capote <jcapote@gmail.com>2023-01-06 00:14:57 +0000
committerJulio Capote <jcapote@gmail.com>2023-01-06 00:14:57 +0000
commit786d49b884124e5cf83594558974999078b90242 (patch)
treebad9aedb5991628bd879125af6feeef8d9c6854c
parentaedbbb7ca69163ec163bbe88d0756ec6bbac5031 (diff)
downloadcommunique-786d49b884124e5cf83594558974999078b90242.tar.gz
work on signature string
Diffstat (limited to '')
-rw-r--r--registry/registry.go14
1 files changed, 7 insertions, 7 deletions
diff --git a/registry/registry.go b/registry/registry.go
index 5f128f5..01d92c7 100644
--- a/registry/registry.go
+++ b/registry/registry.go
@@ -266,6 +266,12 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol
request.Header.Set("Content-Type", "application/activity+json")
request.Header.Set("Host", url.Host)
+ h := sha256.New()
+ h.Write(jsonData)
+ digestHeader := base64.StdEncoding.EncodeToString(h.Sum(nil))
+ request.Header.Add("Digest", "SHA-256="+digestHeader)
+ request.Header.Add("Content-Type", "application/activity+json")
+
r.log.With(
"type",
"delivery",
@@ -280,7 +286,7 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol
request.Header.Get("host"),
).Debugf("signing request")
- signed_string := fmt.Sprintf("(request-target): post %s\nhost: %s\ndate: %s", url.Path, url.Host, date)
+ signed_string := fmt.Sprintf("(request-target): post %s\ncontent-type: %s\ndate: %s\ndigest: %s\nhost: %s", url.Path, request.Header.Get("Content-Type"), date, digestHeader, url.Host)
digest := sha256.New()
digest.Write([]byte(signed_string))
@@ -291,13 +297,7 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol
r.mu.Unlock()
b64sig := base64.StdEncoding.EncodeToString(signature)
-
- h := sha256.New()
- h.Write(jsonData)
var header = `keyId="` + actorKeyUrl.String() + `",algorithm="rsa-sha256",headers="(request-target) content-type date digest host",signature="` + b64sig + `"`
-
- request.Header.Add("Digest", "SHA-256="+base64.StdEncoding.EncodeToString(h.Sum(nil)))
- request.Header.Add("Content-Type", "application/activity+json")
request.Header.Add("Signature", header)
//http sig signing code - broken?