From 3b806e4603a7da8bb6a24029a0115e18a6b7ba5b Mon Sep 17 00:00:00 2001 From: FChannel <> Date: Fri, 25 Jun 2021 01:39:50 -0700 Subject: expanded header signature support to known possible values at this time --- cacheDatabase.go | 4 ++++ verification.go | 31 ++++++++++++++++++++++++++----- 2 files changed, 30 insertions(+), 5 deletions(-) diff --git a/cacheDatabase.go b/cacheDatabase.go index 94f88d2..5acead7 100644 --- a/cacheDatabase.go +++ b/cacheDatabase.go @@ -32,6 +32,10 @@ func WriteObjectToCache(db *sql.DB, obj ObjectBase) ObjectBase { func WriteActorObjectToCache(db *sql.DB, obj ObjectBase) ObjectBase { if len(obj.Attachment) > 0 { + + if IsIDLocal(db, obj.Id) { + return obj + } if obj.Preview.Href != "" { WritePreviewToCache(db, *obj.Preview) } diff --git a/verification.go b/verification.go index 3215688..7c634e1 100644 --- a/verification.go +++ b/verification.go @@ -38,6 +38,7 @@ type Signature struct { KeyId string Headers []string Signature string + Algorithm string } func DeleteBoardMod(db *sql.DB, verify Verify) { @@ -606,10 +607,12 @@ func ActivityVerify(actor Actor, signature string, verify string) error { func VerifyHeaderSignature(r *http.Request, actor Actor) bool { s := ParseHeaderSignature(r.Header.Get("Signature")) - var method string - var path string - var host string - var date string + var method string + var path string + var host string + var date string + var digest string + var contentLength string var sig string for _, e := range s.Headers { @@ -630,7 +633,19 @@ func VerifyHeaderSignature(r *http.Request, actor Actor) bool { date = r.Header.Get("date") sig += "date: " + date continue - } + } + + if e == "digest" { + digest = r.Header.Get("digest") + sig += "digest: " + digest + continue + } + + if e == "content-length" { + contentLength = r.Header.Get("content-length") + sig += "content-length: " + contentLength + continue + } } if s.KeyId != actor.PublicKey.Id { @@ -656,6 +671,7 @@ func ParseHeaderSignature(signature string) Signature { keyId := regexp.MustCompile(`keyId=`) headers := regexp.MustCompile(`headers=`) sig := regexp.MustCompile(`signature=`) + algo := regexp.MustCompile(`algorithm=`) signature = strings.ReplaceAll(signature, "\"", "") parts := strings.Split(signature, ",") @@ -676,6 +692,11 @@ func ParseHeaderSignature(signature string) Signature { nsig.Signature = sig.ReplaceAllString(e, "") continue } + + if algo.MatchString(e) { + nsig.Algorithm = algo.ReplaceAllString(e, "") + continue + } } return nsig -- cgit v1.2.3