activitypub: add digest header to outbound messages and sign it

author William Pitcock <nenolod@dereferenced.org>

Tue, 31 Jul 2018 21:41:18 +0000 (21:41 +0000)

committer William Pitcock <nenolod@dereferenced.org>

Tue, 31 Jul 2018 23:24:30 +0000 (23:24 +0000)
author William Pitcock <nenolod@dereferenced.org>
Tue, 31 Jul 2018 21:41:18 +0000 (21:41 +0000)
committer William Pitcock <nenolod@dereferenced.org>
Tue, 31 Jul 2018 23:24:30 +0000 (23:24 +0000)
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex

index 464832a1ef28264e6e0d0ad9230a068595b83611..90a39ce6989294b636f452851f809074c496ef11 100644 (file)
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -641,8 +641,14 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
      Logger.info("Federating #{id} to #{inbox}")
      host = URI.parse(inbox).host
  
+    digest = "SHA-256=" <> (:crypto.hash(:sha256, json) |> Base.encode64())
+
      signature =
-      Pleroma.Web.HTTPSignatures.sign(actor, %{host: host, "content-length": byte_size(json)})
+      Pleroma.Web.HTTPSignatures.sign(actor, %{
+        host: host,
+        "content-length": byte_size(json),
+        digest: digest
+      })
  
      @httpoison.post(
        inbox,
author	William Pitcock <nenolod@dereferenced.org>
	Tue, 31 Jul 2018 21:41:18 +0000 (21:41 +0000)
committer	William Pitcock <nenolod@dereferenced.org>
	Tue, 31 Jul 2018 23:24:30 +0000 (23:24 +0000)