diff options
author | Julio Capote <jcapote@gmail.com> | 2023-01-06 00:14:57 +0000 |
---|---|---|
committer | Julio Capote <jcapote@gmail.com> | 2023-01-06 00:14:57 +0000 |
commit | 786d49b884124e5cf83594558974999078b90242 (patch) | |
tree | bad9aedb5991628bd879125af6feeef8d9c6854c /registry | |
parent | aedbbb7ca69163ec163bbe88d0756ec6bbac5031 (diff) | |
download | communique-786d49b884124e5cf83594558974999078b90242.tar.gz |
work on signature string
Diffstat (limited to '')
-rw-r--r-- | registry/registry.go | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/registry/registry.go b/registry/registry.go index 5f128f5..01d92c7 100644 --- a/registry/registry.go +++ b/registry/registry.go @@ -266,6 +266,12 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol request.Header.Set("Content-Type", "application/activity+json") request.Header.Set("Host", url.Host) + h := sha256.New() + h.Write(jsonData) + digestHeader := base64.StdEncoding.EncodeToString(h.Sum(nil)) + request.Header.Add("Digest", "SHA-256="+digestHeader) + request.Header.Add("Content-Type", "application/activity+json") + r.log.With( "type", "delivery", @@ -280,7 +286,7 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol request.Header.Get("host"), ).Debugf("signing request") - signed_string := fmt.Sprintf("(request-target): post %s\nhost: %s\ndate: %s", url.Path, url.Host, date) + signed_string := fmt.Sprintf("(request-target): post %s\ncontent-type: %s\ndate: %s\ndigest: %s\nhost: %s", url.Path, request.Header.Get("Content-Type"), date, digestHeader, url.Host) digest := sha256.New() digest.Write([]byte(signed_string)) @@ -291,13 +297,7 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol r.mu.Unlock() b64sig := base64.StdEncoding.EncodeToString(signature) - - h := sha256.New() - h.Write(jsonData) var header = `keyId="` + actorKeyUrl.String() + `",algorithm="rsa-sha256",headers="(request-target) content-type date digest host",signature="` + b64sig + `"` - - request.Header.Add("Digest", "SHA-256="+base64.StdEncoding.EncodeToString(h.Sum(nil))) - request.Header.Add("Content-Type", "application/activity+json") request.Header.Add("Signature", header) //http sig signing code - broken? |