aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJulio Capote <jcapote@gmail.com>2023-01-05 23:45:17 +0000
committerJulio Capote <jcapote@gmail.com>2023-01-05 23:45:17 +0000
commit217f0ac8e4c66f76908d1b3bf2142ad664147cd4 (patch)
tree860d40439fa6089cb1fbfa43b7f70c8352583375
parent072d280feeab54138272c8ae58ee9472fd968972 (diff)
downloadcommunique-217f0ac8e4c66f76908d1b3bf2142ad664147cd4.tar.gz
try doing it manually
-rw-r--r--registry/registry.go61
1 files changed, 41 insertions, 20 deletions
diff --git a/registry/registry.go b/registry/registry.go
index c84ba5b..a7d5b47 100644
--- a/registry/registry.go
+++ b/registry/registry.go
@@ -3,7 +3,12 @@ package registry
import (
"bytes"
"context"
+ "crypto"
+ "crypto/rand"
+ "crypto/rsa"
+ "crypto/sha256"
"crypto/x509"
+ "encoding/base64"
"encoding/gob"
"encoding/json"
"encoding/pem"
@@ -256,7 +261,8 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol
privKey := &keypair.PrivateKey
request, err := http.NewRequest("POST", url.String(), bytes.NewBuffer(jsonData))
- request.Header.Set("Date", time.Now().UTC().Format(http.TimeFormat))
+ date := time.Now().UTC().Format(http.TimeFormat)
+ request.Header.Set("Date", date)
request.Header.Set("Content-Type", "application/activity+json")
request.Header.Set("Host", url.Host)
@@ -267,9 +273,6 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol
"payload",
payload,
).With(
- "digest",
- request.Header.Get("digest"),
- ).With(
"date",
request.Header.Get("date"),
).With(
@@ -277,25 +280,43 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol
request.Header.Get("host"),
).Debugf("signing request")
+ signed_string := fmt.Sprintf("(request-target): post /users/capotej/inbox\nhost: %s\ndate: %s", url.Host, date)
+
+ digest := sha256.Sum256([]byte(signed_string))
r.mu.Lock()
- prefs := []httpsig.Algorithm{}
- digestAlgorithm := httpsig.DigestSha256
- // The "Date" and "Digest" headers must already be set on r, as well as r.URL.
- headersToSign := []string{httpsig.RequestTarget, "host", "date", "digest", "content-type"}
- signer, _, err := httpsig.NewSigner(prefs, digestAlgorithm, headersToSign, httpsig.Signature, 100)
- if err != nil {
- return err
- }
- // To sign the digest, we need to give the signer a copy of the body...
- // ...but it is optional, no digest will be signed if given "nil"
- // body := nil
- // If r were a http.ResponseWriter, call SignResponse instead.
- err = signer.SignRequest(privKey, actorKeyUrl.String(), request, jsonData)
+ signature, _ := rsa.SignPKCS1v15(rand.Reader, privKey, crypto.SHA256, digest[:])
r.mu.Unlock()
- // HACK
- oldSig := request.Header.Get("signature")
- request.Header.Set("signature", strings.ReplaceAll(oldSig, "hs2019", "rsa-sha256"))
+ b64sig := base64.StdEncoding.EncodeToString(signature)
+
+ h := sha256.New()
+ h.Write(jsonData)
+ var header = `keyId="https://activitybub.xyz/actors/sample#key",algorithm="rsa-sha256",headers="(request-target) content-type date digest host",signature="` + b64sig + `"`
+
+ request.Header.Add("Digest", "SHA-256="+base64.StdEncoding.EncodeToString(h.Sum(nil)))
+ request.Header.Add("Content-Type", "application/activity+json")
+ request.Header.Add("Signature", header)
+
+ //http sig signing code - broken?
+ // r.mu.Lock()
+ // prefs := []httpsig.Algorithm{}
+ // digestAlgorithm := httpsig.DigestSha256
+ // // The "Date" and "Digest" headers must already be set on r, as well as r.URL.
+ // headersToSign := []string{httpsig.RequestTarget, "host", "date", "digest", "content-type"}
+ // signer, _, err := httpsig.NewSigner(prefs, digestAlgorithm, headersToSign, httpsig.Signature, 100)
+ // if err != nil {
+ // return err
+ // }
+ // // To sign the digest, we need to give the signer a copy of the body...
+ // // ...but it is optional, no digest will be signed if given "nil"
+ // // body := nil
+ // // If r were a http.ResponseWriter, call SignResponse instead.
+ // err = signer.SignRequest(privKey, actorKeyUrl.String(), request, jsonData)
+ // r.mu.Unlock()
+
+ // // HACK
+ // oldSig := request.Header.Get("signature")
+ // request.Header.Set("signature", strings.ReplaceAll(oldSig, "hs2019", "rsa-sha256"))
r.log.With(
"type",