summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/pleroma/web/http_signatures/http_signatures.ex27
1 files changed, 27 insertions, 0 deletions
diff --git a/lib/pleroma/web/http_signatures/http_signatures.ex b/lib/pleroma/web/http_signatures/http_signatures.ex
new file mode 100644
index 000000000..e2210285e
--- /dev/null
+++ b/lib/pleroma/web/http_signatures/http_signatures.ex
@@ -0,0 +1,27 @@
+# https://tools.ietf.org/html/draft-cavage-http-signatures-08
+defmodule Pleroma.Web.HTTPSignatures do
+ def split_signature(sig) do
+ default = %{"headers" => ["date"]}
+
+ sig
+ |> String.trim()
+ |> String.split(",")
+ |> Enum.reduce(default, fn(part, acc) ->
+ [key | rest] = String.split(part, "=")
+ value = Enum.join(rest, "=")
+ Map.put(acc, key, String.trim(value, "\""))
+ end)
+ end
+
+ def validate(headers, signature, public_key) do
+ sigstring = build_signing_string(headers, signature["headers"])
+ {:ok, sig} = Base.decode64(signature["signature"])
+ verify = :public_key.verify(sigstring, :sha256, sig, public_key)
+ end
+
+ def build_signing_string(headers, used_headers) do
+ used_headers
+ |> Enum.map(fn (header) -> "#{header}: #{headers[header]}" end)
+ |> Enum.join("\n")
+ end
+end
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-19 11:03:26 +0000