+
+ def sign(user, headers) do
+ with {:ok, %{info: %{keys: keys}}} <- Pleroma.Web.WebFinger.ensure_keys_present(user),
+ {:ok, private_key, _} = Pleroma.Web.Salmon.keys_from_pem(keys) do
+ sigstring = build_signing_string(headers, Map.keys(headers))
+
+ signature =
+ :public_key.sign(sigstring, :sha256, private_key)
+ |> Base.encode64()
+
+ [
+ keyId: user.ap_id <> "#main-key",
+ algorithm: "rsa-sha256",
+ headers: Map.keys(headers) |> Enum.join(" "),
+ signature: signature
+ ]
+ |> Enum.map(fn {k, v} -> "#{k}=\"#{v}\"" end)
+ |> Enum.join(",")
+ end
+ end