ActivityPub: we are using RSA signatures

author: Vitaly Takmazov 2024-02-28 23:44:21 +0300
committer: Vitaly Takmazov 2024-02-28 23:44:21 +0300
commit: 7ada4dd49efc3607780f20ed25546e4223f2cb89 (patch)
tree: b717e52e4a4566cf0a43ea5897715b2b2fada478 /src
parent: 93671f0709a67516aa312a8dac581c66a663a7d6 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/main/java/com/juick/ActivityPubManager.java b/src/main/java/com/juick/ActivityPubManager.java
index f4b87b05..e4087308 100644
--- a/src/main/java/com/juick/ActivityPubManager.java
+++ b/src/main/java/com/juick/ActivityPubManager.java
@@ -49,6 +49,7 @@ import org.springframework.core.convert.ConversionService;
 import org.springframework.http.MediaType;
 import org.springframework.web.util.UriComponents;
 import org.springframework.web.util.UriComponentsBuilder;
+import org.tomitribe.auth.signatures.Algorithm;
 import org.tomitribe.auth.signatures.MissingRequiredHeaderException;
 import org.tomitribe.auth.signatures.Signature;
 import org.tomitribe.auth.signatures.Verifier;
@@ -434,7 +435,7 @@ public class ActivityPubManager implements ActivityListener, NotificationListene
     public User verifyActor(String method, String path, Map<String, String> headers) {
         String signatureString = headers.get("signature");
         if (StringUtils.isNotEmpty(signatureString)) {
-            Signature signature = Signature.fromString(signatureString);
+            Signature signature = Signature.fromString(signatureString, Algorithm.RSA_SHA256);
             var keyId = UriComponentsBuilder.fromUriString(signature.getKeyId()).fragment(null).build().toUri();
             var user = activityPubService.getUserByAccountUri(keyId.toASCIIString());
             Key key = null;
author	Vitaly Takmazov	2024-02-28 23:44:21 +0300
committer	Vitaly Takmazov	2024-02-28 23:44:21 +0300
commit	7ada4dd49efc3607780f20ed25546e4223f2cb89 (patch)
tree	b717e52e4a4566cf0a43ea5897715b2b2fada478 /src
parent	93671f0709a67516aa312a8dac581c66a663a7d6 (diff)