From 91319bda5d9faac18e60e41377596869d50f9801 Mon Sep 17 00:00:00 2001 From: Terence Eden Date: Tue, 5 Mar 2024 17:14:34 +0000 Subject: [PATCH] Prepare for Lemmy! Handle hs2019 in algorithm --- index.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/index.php b/index.php index f7115a4..003d57c 100644 --- a/index.php +++ b/index.php @@ -1464,6 +1464,13 @@ HTML; $signature = base64_decode( $signatureParts["signature"] ); $algorithm = $signatureParts["algorithm"]; + // There might be many different signing algorithms + // TODO: Find a way to transform these automatically + // See https://github.com/superseriousbusiness/gotosocial/issues/1186#issuecomment-1976166659 and https://github.com/snarfed/bridgy-fed/issues/430 for hs2019 + if ( "hs2019" == $algorithm ) { + $algorithm = "sha256"; + } + // Finally! Calculate whether the signature is valid // Returns 1 if verified, 0 if not, false or -1 if an error occurred $verified = openssl_verify(