encrypt/gancio
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix digest httpsignature header

Browse Source
This commit is contained in:
les
2021-03-21 22:44:54 +01:00
parent 79ab5c9214
commit fed138abc2
2 changed files with 13 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/federation/follows.js
View File

@@ -25,7 +25,7 @@ module.exports = {
'actor': `${config.baseurl}/federation/u/${username}`, 'actor': `${config.baseurl}/federation/u/${username}`,
'object': body 'object': body
} }
Helpers.signAndSend(message, req.fedi_user.object.inbox) Helpers.signAndSend(JSON.stringify(message), req.fedi_user.object.inbox)
res.sendStatus(200) res.sendStatus(200)
}, },

17
server/federation/helpers.js
View File

@@ -35,23 +35,28 @@ const Helpers = {
const privkey = settingsController.secretSettings.privateKey const privkey = settingsController.secretSettings.privateKey
const signer = crypto.createSign('sha256') const signer = crypto.createSign('sha256')
const d = new Date() const d = new Date()
const stringToSign = `(request-target): post ${inboxUrl.pathname}\nhost: ${inboxUrl.hostname}\ndate: ${d.toUTCString()}` // digest header added for Mastodon 3.2.1 compatibility
const digest = crypto.createHash('sha256')
.update(message)
.digest('base64')
const stringToSign = `(request-target): post ${inboxUrl.pathname}\nhost: ${inboxUrl.hostname}\ndate: ${d.toUTCString()}\ndigest: SHA-256=${digest}`
signer.update(stringToSign) signer.update(stringToSign)
signer.end() signer.end()
const signature = signer.sign(privkey) const signature = signer.sign(privkey)
const signature_b64 = signature.toString('base64') const signature_b64 = signature.toString('base64')
const header = `keyId="${config.baseurl}/federation/u/${settingsController.settings.instance_name}",headers="(request-target) host date",signature="${signature_b64}"` const header = `keyId="${config.baseurl}/federation/u/${settingsController.settings.instance_name}",algorithm="rsa-sha256",headers="(request-target) host date digest",signature="${signature_b64}"`
try { try {
const ret = await axios(inbox, { const ret = await axios(inbox, {
headers: { headers: {
Host: inboxUrl.hostname, Host: inboxUrl.hostname,
Date: d.toUTCString(), Date: d.toUTCString(),
Signature: header, Signature: header,
Digest: `SHA-256=${digest}`,
'Content-Type': 'application/activity+json; charset=utf-8', 'Content-Type': 'application/activity+json; charset=utf-8',
Accept: 'application/activity+json, application/json; chartset=utf-8' Accept: 'application/activity+json, application/json; chartset=utf-8'
}, },
method: 'post', method: 'post',
data: JSON.stringify(message) data: message
}) })
debug('sign %s => %s', ret.status, ret.data) debug('sign %s => %s', ret.status, ret.data)
} catch (e) { } catch (e) {
@@ -88,8 +93,10 @@ const Helpers = {
body['@context'] = [ body['@context'] = [
'https://www.w3.org/ns/activitystreams', 'https://www.w3.org/ns/activitystreams',
'https://w3id.org/security/v1', 'https://w3id.org/security/v1',
{ Hashtag: 'as:Hashtag' }] {
Helpers.signAndSend(body, sharedInbox) Hashtag: 'as:Hashtag'
}]
await Helpers.signAndSend(JSON.stringify(body), sharedInbox)
} }
}, },