From 3b806e4603a7da8bb6a24029a0115e18a6b7ba5b Mon Sep 17 00:00:00 2001
From: FChannel <>
Date: Fri, 25 Jun 2021 01:39:50 -0700
Subject: expanded header signature support to known possible values at this
 time

---
 cacheDatabase.go |  4 ++++
 verification.go  | 31 ++++++++++++++++++++++++++-----
 2 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/cacheDatabase.go b/cacheDatabase.go
index 94f88d2..5acead7 100644
--- a/cacheDatabase.go
+++ b/cacheDatabase.go
@@ -32,6 +32,10 @@ func WriteObjectToCache(db *sql.DB, obj ObjectBase) ObjectBase {
 
 func WriteActorObjectToCache(db *sql.DB, obj ObjectBase) ObjectBase {
 	if len(obj.Attachment) > 0 {
+		
+		if IsIDLocal(db, obj.Id) {
+			return obj
+		}
 		if obj.Preview.Href != "" {
 			WritePreviewToCache(db, *obj.Preview)
 		}
diff --git a/verification.go b/verification.go
index 3215688..7c634e1 100644
--- a/verification.go
+++ b/verification.go
@@ -38,6 +38,7 @@ type Signature struct {
 	KeyId string
 	Headers []string
 	Signature string
+	Algorithm string	
 }
 
 func DeleteBoardMod(db *sql.DB, verify Verify) {
@@ -606,10 +607,12 @@ func ActivityVerify(actor Actor, signature string, verify string) error {
 func VerifyHeaderSignature(r *http.Request, actor Actor) bool {
 	s := ParseHeaderSignature(r.Header.Get("Signature"))
 
-	var method string
-	var path string
-	var host string
-	var date string
+	var method        string
+	var path          string
+	var host          string
+	var date          string
+	var digest        string
+	var contentLength string	
 
 	var sig string
 	for _, e := range s.Headers {
@@ -630,7 +633,19 @@ func VerifyHeaderSignature(r *http.Request, actor Actor) bool {
 			date = r.Header.Get("date")
 			sig += "date: " + date
 			continue
-		}		
+		}
+
+		if e == "digest" {
+			digest = r.Header.Get("digest")
+			sig += "digest: " + digest
+			continue
+		}
+
+		if e == "content-length" {
+			contentLength = r.Header.Get("content-length")
+			sig += "content-length: " + contentLength
+			continue
+		}						
 	}
 
 	if s.KeyId != actor.PublicKey.Id {
@@ -656,6 +671,7 @@ func ParseHeaderSignature(signature string) Signature {
 	keyId := regexp.MustCompile(`keyId=`)
 	headers := regexp.MustCompile(`headers=`)
 	sig := regexp.MustCompile(`signature=`)
+	algo := regexp.MustCompile(`algorithm=`)	
 
 	signature = strings.ReplaceAll(signature, "\"", "")
 	parts := strings.Split(signature, ",")
@@ -676,6 +692,11 @@ func ParseHeaderSignature(signature string) Signature {
 			nsig.Signature = sig.ReplaceAllString(e, "")
 			continue
 		}
+
+		if algo.MatchString(e) {
+			nsig.Algorithm = algo.ReplaceAllString(e, "")
+			continue
+		}		
 	}
 
 	return nsig
-- 
cgit v1.2.3