Accept hs2019 in signatures (#529)
Fixes part of federation with GoToSocial - this is just a different name for the same algorithm.
This commit is contained in:
parent
552a150e57
commit
78eacf165e
|
@ -160,7 +160,12 @@ class HttpSignature:
|
||||||
raise VerificationFormatError("No signature header present")
|
raise VerificationFormatError("No signature header present")
|
||||||
signature_details = cls.parse_signature(request.headers["signature"])
|
signature_details = cls.parse_signature(request.headers["signature"])
|
||||||
# Reject unknown algorithms
|
# Reject unknown algorithms
|
||||||
if signature_details["algorithm"] != "rsa-sha256":
|
# hs2019 is used by some libraries to obfuscate the real algorithm per the spec
|
||||||
|
# https://datatracker.ietf.org/doc/html/draft-cavage-http-signatures-12
|
||||||
|
if (
|
||||||
|
signature_details["algorithm"] != "rsa-sha256"
|
||||||
|
and signature_details["algorithm"] != "hs2019"
|
||||||
|
):
|
||||||
raise VerificationFormatError("Unknown signature algorithm")
|
raise VerificationFormatError("Unknown signature algorithm")
|
||||||
# Create the signature payload
|
# Create the signature payload
|
||||||
headers_string = cls.headers_from_request(request, signature_details["headers"])
|
headers_string = cls.headers_from_request(request, signature_details["headers"])
|
||||||
|
|
Loading…
Reference in New Issue