Mastodon/mastofeed-iframe-embed
1
0
Fork 0
mirror of https://github.com/fenwick67/mastofeed synced 2024-12-22 07:16:14 +01:00
Code Issues Releases Wiki Activity

change the fuckin key algo

Browse Source
This commit is contained in:
fenwick67 2024-10-13 12:38:08 -04:00
parent b171ba34a4
commit 0bb0d8de72
4 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
index.js
View File

@ -205,7 +205,7 @@ app.get('/.well-known/webfinger', function(req,res){
return res.send(JSON.stringify(resJson)); return res.send(JSON.stringify(resJson));
} else { } else {
res.status(404); res.status(404);
res.send(); res.send("unknown user");
} }
}) })

6
lib/apCryptoShit.js
View File

@ -21,16 +21,16 @@ function getKeyId(){
function sign(str){ function sign(str){
_precheck() _precheck()
var signerObject = crypto.createSign("RSA-SHA256"); var signerObject = crypto.createSign("RSA-SHA256");// needs to be "RSASSA-PKCS1-v1_5 with SHA-256" I'm assuming this is RSA_PKCS1_PADDING...???
signerObject.update(str); signerObject.update(str);
return signerObject.sign({key:getPrivateKey(),padding:crypto.constants.RSA_PKCS1_PSS_PADDING}, "base64"); return signerObject.sign({key:_privKey,padding:crypto.constants.RSA_PKCS1_PADDING}, "base64");
} }
function verify(str,signature){ function verify(str,signature){
_precheck(); _precheck();
var verifierObject = crypto.createVerify("RSA-SHA256"); var verifierObject = crypto.createVerify("RSA-SHA256");
verifierObject.update(str); verifierObject.update(str);
var verified = verifierObject.verify({key:_pubKey, padding:crypto.constants.RSA_PKCS1_PSS_PADDING}, signature, "base64"); return verifierObject.verify({key:_pubKey, padding:crypto.constants.RSA_PKCS1_PADDING}, signature, "base64");
} }
// private // private

3
lib/apGet.js
View File

@ -64,7 +64,8 @@ module.exports = async function apGet(url,ttl) {
axiosOpts.headers.Signature=Authorization; axiosOpts.headers.Signature=Authorization;
console.log("axios request info: \n"+JSON.stringify(axiosOpts,null,2)) console.log("axios request info: \n"+JSON.stringify(axiosOpts,null,2));
console.log('string that was signed: \n---\n'+plaintext+'\n---')
let response let response
try { try {

7
utils/ensure-keys-work.js
View File

@ -3,9 +3,6 @@ const cryptoShit = require('../lib/apCryptoShit.js')
var signature = cryptoShit.sign("hello world") var signature = cryptoShit.sign("hello world")
console.info("signature: %s", signature); var verified = cryptoShit.verify("hello world", signature)
//verify String
var verifierObject = crypto.createVerify("RSA-SHA256");
verifierObject.update("hello world");
var verified = verifierObject.verify({key:cryptoShit.getPublicKey(), padding:crypto.constants.RSA_PKCS1_PSS_PADDING}, signature, "base64");
console.info("is signature ok?: %s", verified); console.info("is signature ok?: %s", verified);