From f7509cbec875ec4ee3201cce08839f2a02676c1c Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 19 Oct 2018 11:41:19 +0200 Subject: Add HTTP signature check before linked signature It's faster, and will allow us to use RSA signature 2018 (with upstream jsonld-signature module) without too much incompatibilities in the peertube federation --- server/lib/job-queue/handlers/utils/activitypub-http-utils.ts | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'server/lib/job-queue/handlers') diff --git a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts index d71c91a24..fd9c74341 100644 --- a/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts +++ b/server/lib/job-queue/handlers/utils/activitypub-http-utils.ts @@ -2,6 +2,7 @@ import { buildSignedActivity } from '../../../../helpers/activitypub' import { getServerActor } from '../../../../helpers/utils' import { ActorModel } from '../../../../models/activitypub/actor' import { sha256 } from '../../../../helpers/core-utils' +import { HTTP_SIGNATURE } from '../../../../initializers' type Payload = { body: any, signatureActorId?: number } @@ -29,11 +30,11 @@ async function buildSignedRequestOptions (payload: Payload) { const keyId = actor.getWebfingerUrl() return { - algorithm: 'rsa-sha256', - authorizationHeaderName: 'Signature', + algorithm: HTTP_SIGNATURE.ALGORITHM, + authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME, keyId, key: actor.privateKey, - headers: [ 'date', 'host', 'digest', '(request-target)' ] + headers: HTTP_SIGNATURE.HEADERS_TO_SIGN } } -- cgit v1.2.3