aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Web/HTTPSig.php
Commit message (Collapse)AuthorAgeFilesLines
* add a hidden config for the hs2019 http sig algoMario2022-05-191-2/+5
|
* whitespaceMario2022-03-101-35/+35
|
* support for hs2019Mario2022-03-101-13/+57
|
* address deprecation warningsMario2022-02-131-2/+5
|
* rename variableMario2022-02-081-6/+6
|
* revert deleted flag for webfinger and zotfinger keyMario2022-02-081-21/+9
|
* HTTPSig: introduce the deleted keytype. this will allow us to not fetch an ↵Mario2022-02-081-6/+30
| | | | actor we have never seen before if we received a delete activity for this actor for some reason. this is only implemented in the activitypub inbox so far.
* HTTPSig: do not query for hubloc_addrMario2021-10-121-6/+3
|
* Revert "httpsig: add parentheses"Mario2021-10-121-2/+2
| | | | This reverts commit e455fae334c4b5f8d5a563e099add1482749c92f.
* httpsig: add parenthesesMario2021-10-121-2/+2
|
* look for hubloc_id_url or hubloc_hash, otherwise we will always fetch the ↵Mario2021-10-111-1/+2
| | | | key from the net on platforms where those are different (e.g. mastodon).
* streamline logicMario2021-10-101-3/+4
|
* HTTPSig: cleanup, add some doco and implement missing force mechanism for ↵Mario2021-10-101-167/+202
| | | | fetching keys
* use lib/keyutils rsatopem()Mario2021-03-181-1/+1
|
* get devHilmar R2021-03-011-12/+15
|
* fix issue where an array was passed to get_key() instead of a stringMario2020-12-301-9/+11
| | | (cherry picked from commit 81a1aedeb9a4e07c3d1e11905ad3e2434d635e86)
* add loggingMario2020-11-231-0/+3
|
* less hubloc confusionMario2020-11-081-20/+46
|
* use zot_record_preferred() when fetching keysMario2020-05-151-9/+16
|
* http signature consolidationzotlabs2019-06-261-118/+244
|
* encrypted header issuezotlabs2018-11-141-1/+1
|
* extra loggingzotlabs2018-11-141-0/+4
|
* verify some edge case http signatureszotlabs2018-10-111-4/+2
|
* SECURITY: signature issuezotlabs2018-10-091-0/+15
|
* as_fetch depends on the pubcrawl plugin, but is referenced in core. Ensure ↵zotlabs2018-04-221-1/+3
| | | | that it doesn't chuck a wobbly if the function isn't found. This is undergoing significant revision for zot6 so this action is considered a short-term workaround until that work work stabilises.
* draft-cavage issueszotlabs2018-04-151-3/+9
|
* :white_check_mark: Unit Test for HTTPSig.Klaus Weidenbach2018-02-281-30/+87
|
* zot6 testingzotlabs2018-02-081-6/+1
|
* missing quotezotlabs2018-02-081-1/+1
|
* loggingzotlabs2018-02-081-1/+3
|
* z6 testingzotlabs2018-02-081-1/+1
|
* debug the crypto functionzotlabs2018-02-071-0/+3
|
* z6 deliverzotlabs2018-01-161-0/+15
|
* cleanup of last fixzotlabs2018-01-131-1/+1
|
* unexpected openssl resultzotlabs2018-01-131-1/+1
|
* fix typo in HTTPSigMario Vavti2017-12-041-1/+1
|
* sort out the notification idszotlabs2017-10-121-1/+2
|
* typozotlabs2017-09-241-1/+1
|
* For zot6, allow HTTP Signatures to be encrypted, as they may contain ↵zotlabs2017-09-241-6/+46
| | | | sensitive (envelope, metadata) information.
* log the lack of http sig infozotlabs2017-09-211-1/+3
|
* provide a space between link header paramszotlabs2017-09-201-1/+1
|
* add more signature loggingzotlabs2017-09-201-1/+7
|
* more zot6zotlabs2017-09-131-1/+6
|
* owa - first commitzotlabs2017-09-071-0/+8
|
* some more prep work for Zot VI - some of this will need to be undone or at ↵zotlabs2017-09-041-3/+10
| | | | least re-arranged later but we need to bootstrap a test environment.
* only validate headers that aren't "spoofable", which will be somewhat ↵zotlabs2017-09-031-3/+8
| | | | implementation dependent.
* some changes after testing server-to-server magic authzotlabs2017-08-311-2/+8
|
* httpsig - return an array with all the different signing possibilities ↵zotlabs2017-08-201-8/+21
| | | | enumerated
* mv HTTPSig to core - so we can use it as an auth methodzotlabs2017-08-171-0/+220