From 8611bf49e7ed616efa75b00144ac45a664655e98 Mon Sep 17 00:00:00 2001 From: Julio Capote Date: Thu, 5 Jan 2023 18:54:09 -0500 Subject: try this --- registry/registry.go | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/registry/registry.go b/registry/registry.go index a7d5b47..2280e1d 100644 --- a/registry/registry.go +++ b/registry/registry.go @@ -280,18 +280,21 @@ func (r *Registry) deliverAcceptToInbox(url, actorUrl, actorKeyUrl *url.URL, fol request.Header.Get("host"), ).Debugf("signing request") - signed_string := fmt.Sprintf("(request-target): post /users/capotej/inbox\nhost: %s\ndate: %s", url.Host, date) + signed_string := fmt.Sprintf("(request-target): post %s\nhost: %s\ndate: %s", url.Path, url.Host, date) + + digest := sha256.New() + digest.Write([]byte(signed_string)) + digestBytes := digest.Sum(nil) - digest := sha256.Sum256([]byte(signed_string)) r.mu.Lock() - signature, _ := rsa.SignPKCS1v15(rand.Reader, privKey, crypto.SHA256, digest[:]) + signature, _ := rsa.SignPKCS1v15(rand.Reader, privKey, crypto.SHA256, digestBytes[:]) r.mu.Unlock() b64sig := base64.StdEncoding.EncodeToString(signature) h := sha256.New() h.Write(jsonData) - var header = `keyId="https://activitybub.xyz/actors/sample#key",algorithm="rsa-sha256",headers="(request-target) content-type date digest host",signature="` + b64sig + `"` + var header = `keyId="` + actorKeyUrl.Host + `",algorithm="rsa-sha256",headers="(request-target) content-type date digest host",signature="` + b64sig + `"` request.Header.Add("Digest", "SHA-256="+base64.StdEncoding.EncodeToString(h.Sum(nil))) request.Header.Add("Content-Type", "application/activity+json") -- cgit v1.2.3