|
@@ -18,8 +18,8 @@ class ActivityPub::LinkedDataSignature
|
|
|
|
|
|
return unless type == 'RsaSignature2017'
|
|
return unless type == 'RsaSignature2017'
|
|
|
|
|
|
- creator = ActivityPub::TagManager.instance.uri_to_resource(creator_uri, Account)
|
|
|
|
- creator ||= ActivityPub::FetchRemoteKeyService.new.call(creator_uri, id: false)
|
|
|
|
|
|
+ creator = ActivityPub::TagManager.instance.uri_to_resource(creator_uri, Account)
|
|
|
|
+ creator = ActivityPub::FetchRemoteKeyService.new.call(creator_uri, id: false) if creator&.public_key.blank?
|
|
|
|
|
|
return if creator.nil?
|
|
return if creator.nil?
|
|
|
|
|
|
@@ -27,9 +27,9 @@ class ActivityPub::LinkedDataSignature
|
|
document_hash = hash(@json.without('signature'))
|
|
document_hash = hash(@json.without('signature'))
|
|
to_be_verified = options_hash + document_hash
|
|
to_be_verified = options_hash + document_hash
|
|
|
|
|
|
- if creator.keypair.public_key.verify(OpenSSL::Digest.new('SHA256'), Base64.decode64(signature), to_be_verified)
|
|
|
|
- creator
|
|
|
|
- end
|
|
|
|
|
|
+ creator if creator.keypair.public_key.verify(OpenSSL::Digest.new('SHA256'), Base64.decode64(signature), to_be_verified)
|
|
|
|
+ rescue OpenSSL::PKey::RSAError
|
|
|
|
+ false
|
|
end
|
|
end
|
|
|
|
|
|
def sign!(creator, sign_with: nil)
|
|
def sign!(creator, sign_with: nil)
|