[PLUGIN][ActivityPub][HTTPSignatures] Fix wrong assumption that sha512 is used in hs2019

2022-02-18 15:17:21 +00:00 · 2022-02-18 15:17:21 +00:00 · ebbd8bf1e4
parent 7a59d5a002
commit ebbd8bf1e4
1 changed files with 2 additions and 10 deletions
--- a/plugins/ActivityPub/Util/HTTPSignature.php
+++ b/plugins/ActivityPub/Util/HTTPSignature.php
@ -143,11 +143,7 @@ class HTTPSignature
    {
        // We need this because the used Request headers fields specified by Signature are in lower case.
        $headersContent = array_change_key_case($inputHeaders, \CASE_LOWER);
-        if ($signatureData['algorithm'] == 'hs2019') {
-            $digest = 'SHA-512=' . base64_encode(hash('sha512', $body, true));
-        } else {
-            $digest = 'SHA-256=' . base64_encode(hash('sha256', $body, true));
-        }
+        $digest = 'SHA-256=' . base64_encode(hash('sha256', $body, true));
        $headersToSign  = [];
        foreach (explode(' ', $signatureData['headers']) as $h) {
            if ($h == '(request-target)') {
@ -164,11 +160,7 @@ class HTTPSignature
        }
        $signingString = self::_headersToSigningString($headersToSign);

-        if ($signatureData['algorithm'] == 'hs2019') {
-            $verified = openssl_verify($signingString, base64_decode($signatureData['signature']), $publicKey, \OPENSSL_ALGO_SHA512);
-        } else {
-            $verified = openssl_verify($signingString, base64_decode($signatureData['signature']), $publicKey, \OPENSSL_ALGO_SHA256);
-        }
+        $verified = openssl_verify($signingString, base64_decode($signatureData['signature']), $publicKey, \OPENSSL_ALGO_SHA256);

        return [$verified, $signingString];
    }