Signature pattern failed with Mastodon/Pleroma requests #16

gudzpoz · 2020-11-06T08:47:05Z

The signature field in the request was keyId="https://domain/path#main-key",algorithm="rsa-sha256",headers="(request-target) host date digest content-type",signature="zRbQw......0MUqA==", and I suspect that the algorithm="rsa-sha256" field has caused this problem. (By the way, requests from both Mastodon and Pleroma seem to be using rsa-sha256.)

Can this be fixed somehow? Thanks!

The text was updated successfully, but these errors were encountered:

landrok · 2020-11-06T13:23:34Z

Hi, you're true, the algorithm field is not matched by the extraction pattern.

A patch has been applied and packaged with the 0.5.3 release. Can you test it and tell me if it works with your use-case ?

gudzpoz · 2020-11-06T15:16:23Z

The pattern matching still went wrong, but after some testing it seems that it is another issue other than the algorithm field, which has been resolve by your patch.
I've opened pull request #17 and the modification works for me. Would you please check it out?

landrok · 2020-11-06T15:48:00Z

Packaged with the 0.5.4 release

Thanks 👍

landrok added the bug Something isn't working label Nov 6, 2020

landrok self-assigned this Nov 6, 2020

gudzpoz closed this as completed Nov 6, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Signature pattern failed with Mastodon/Pleroma requests #16

Signature pattern failed with Mastodon/Pleroma requests #16

gudzpoz commented Nov 6, 2020

landrok commented Nov 6, 2020

gudzpoz commented Nov 6, 2020

landrok commented Nov 6, 2020

Signature pattern failed with Mastodon/Pleroma requests #16

Signature pattern failed with Mastodon/Pleroma requests #16

Comments

gudzpoz commented Nov 6, 2020

landrok commented Nov 6, 2020

gudzpoz commented Nov 6, 2020

landrok commented Nov 6, 2020