Start of HTTP Signatures.

author: Roger Braun <roger@rogerbraun.net> 2017-09-18 11:39:57 +0200
committer: Roger Braun <roger@rogerbraun.net> 2017-09-18 11:39:57 +0200
commit: 9cefbaf01625cbb4b892ce2b767f79ceb155110b (patch)
tree: 277ebf653164440fb48f2ac422bb08d2f4326150 /lib
parent: 270c90322023d517183032e0ebaf9d60b7a3020f (diff)
download: pleroma-9cefbaf01625cbb4b892ce2b767f79ceb155110b.tar.gz
pleroma-9cefbaf01625cbb4b892ce2b767f79ceb155110b.zip
1 files changed, 27 insertions, 0 deletions
diff --git a/lib/pleroma/web/http_signatures/http_signatures.ex b/lib/pleroma/web/http_signatures/http_signatures.ex
new file mode 100644
index 000000000..e2210285e
--- /dev/null
+++ b/lib/pleroma/web/http_signatures/http_signatures.ex
@@ -0,0 +1,27 @@
+# https://tools.ietf.org/html/draft-cavage-http-signatures-08
+defmodule Pleroma.Web.HTTPSignatures do
+  def split_signature(sig) do
+    default = %{"headers" => ["date"]}
+
+    sig
+    |> String.trim()
+    |> String.split(",")
+    |> Enum.reduce(default, fn(part, acc) ->
+      [key | rest] = String.split(part, "=")
+      value = Enum.join(rest, "=")
+      Map.put(acc, key, String.trim(value, "\""))
+    end)
+  end
+
+  def validate(headers, signature, public_key) do
+    sigstring = build_signing_string(headers, signature["headers"])
+    {:ok, sig} = Base.decode64(signature["signature"])
+    verify = :public_key.verify(sigstring, :sha256, sig, public_key)
+  end
+
+  def build_signing_string(headers, used_headers) do
+    used_headers
+    |> Enum.map(fn (header) -> "#{header}: #{headers[header]}" end)
+    |> Enum.join("\n")
+  end
+end
author	Roger Braun <roger@rogerbraun.net>	2017-09-18 11:39:57 +0200
committer	Roger Braun <roger@rogerbraun.net>	2017-09-18 11:39:57 +0200
commit	9cefbaf01625cbb4b892ce2b767f79ceb155110b (patch)
tree	277ebf653164440fb48f2ac422bb08d2f4326150 /lib
parent	270c90322023d517183032e0ebaf9d60b7a3020f (diff)
download	pleroma-9cefbaf01625cbb4b892ce2b767f79ceb155110b.tar.gz pleroma-9cefbaf01625cbb4b892ce2b767f79ceb155110b.zip