commit 93792d3f1e1b97e3cfc2e7be3d0b7a24ec8df235
parent 0f2de6394a1c52d47e326bb7d7d129a217ae4f6f
Author: tsmethurst <tobi.smethurst@klarrio.com>
Date: Tue, 10 Aug 2021 13:59:37 +0200
roll back to sha256 for signatures
Diffstat:
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/internal/transport/controller.go b/internal/transport/controller.go
@@ -60,7 +60,7 @@ func NewController(config *config.Config, db db.DB, clock pub.Clock, client pub.
// NewTransport returns a new http signature transport with the given public key id (a URL), and the given private key.
func (c *controller) NewTransport(pubKeyID string, privkey crypto.PrivateKey) (Transport, error) {
- prefs := []httpsig.Algorithm{httpsig.RSA_SHA512}
+ prefs := []httpsig.Algorithm{httpsig.RSA_SHA256}
digestAlgo := httpsig.DigestSha256
getHeaders := []string{httpsig.RequestTarget, "host", "date"}
postHeaders := []string{httpsig.RequestTarget, "host", "date", "digest"}
