From 41f2ebae4f970932fb62d2d8923b1f776f0b1494 Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Fri, 19 Oct 2018 11:41:19 +0200
Subject: Add HTTP signature check before linked signature

It's faster, and will allow us to use RSA signature 2018 (with upstream
jsonld-signature module) without too much incompatibilities in the
peertube federation
---
 server/initializers/constants.ts | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'server/initializers/constants.ts')

diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts
index e8843a3ab..28d51068b 100644
--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -532,6 +532,12 @@ const ACTIVITY_PUB_ACTOR_TYPES: { [ id: string ]: ActivityPubActorType } = {
   APPLICATION: 'Application'
 }
 
+const HTTP_SIGNATURE = {
+  HEADER_NAME: 'signature',
+  ALGORITHM: 'rsa-sha256',
+  HEADERS_TO_SIGN: [ 'date', 'host', 'digest', '(request-target)' ]
+}
+
 // ---------------------------------------------------------------------------
 
 const PRIVATE_RSA_KEY_SIZE = 2048
@@ -731,6 +737,7 @@ export {
   VIDEO_EXT_MIMETYPE,
   CRAWL_REQUEST_CONCURRENCY,
   JOB_COMPLETED_LIFETIME,
+  HTTP_SIGNATURE,
   VIDEO_IMPORT_STATES,
   VIDEO_VIEW_LIFETIME,
   buildLanguages
-- 
cgit v1.2.3