Add HTTP signature check before linked signature

It's faster, and will allow us to use RSA signature 2018 (with upstream
jsonld-signature module) without too many incompatibilities in the
peertube federation
Chocobozzz 2018-10-19 11:41:19 +02:00
parent d23e6a1c97
commit 41f2ebae4f
No known key found for this signature in database
GPG key ID: 583A612D890159BE
8 changed files with 182 additions and 83 deletions


@ -2,6 +2,7 @@ import { buildSignedActivity } from '../../../../helpers/activitypub'
import { getServerActor } from '../../../../helpers/utils'
import { ActorModel } from '../../../../models/activitypub/actor'
import { sha256 } from '../../../../helpers/core-utils'
import { HTTP_SIGNATURE } from '../../../../initializers'
type Payload = { body: any, signatureActorId?: number }
@ -29,11 +30,11 @@ async function buildSignedRequestOptions (payload: Payload) {
const keyId = actor.getWebfingerUrl()
return {
algorithm: 'rsa-sha256',
authorizationHeaderName: 'Signature',
algorithm: HTTP_SIGNATURE.ALGORITHM,
authorizationHeaderName: HTTP_SIGNATURE.HEADER_NAME,
keyId,
key: actor.privateKey,
headers: [ 'date', 'host', 'digest', '(request-target)' ]
headers: HTTP_SIGNATURE.HEADERS_TO_SIGN
}
}
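Review bot: Nothing in this section shows that `HTTP_SIGNATURE.HEADERS_TO_SIGN` still lists `date`, `host`, `digest` and `(request-target)`, the four headers the removed literal signed in the object returned by buildSignedRequestOptions. Because the list now lives in a shared constant defined outside this hunk, a later edit there could silently drop `digest` or `date` and leave the body or the freshness of the request outside the signature. I would add a comment above the `headers:` line, `// Must cover (request-target), host, date and digest; the receiver's HTTP signature check is only as strong as this list`. If the receiving side reads the same constant, it should presumably reject any signature whose signed-header set omits one of these; that code is not visible here. The function body starts outside the hunk.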