Hi! I’m bashing my head against the wall that is HTTP Signatures. I’ve got plenty of sample code and previous examples, but I’m trying to write a reliable test for my code. I’ve tried testing against this HTTP signatures tool but another post suggests it may be inaccurate.
So what I’m wondering is: does anyone have a valid signed HTTP message with its public and private keys? (Obviously from a test account!) I want to be able to compare my program’s output to a valid output.
wow!
Is there anywhere other than mastodon that describes how to handle the public key in the actor? Wasn’t there a recent FEP from @eprodrom regarding http signatures?
— edit —
A sample is that:
"publicKey": {
"id": "https://activitypub.academy/users/fabocia_tuvos#main-key",
"owner": "https://activitypub.academy/users/fabocia_tuvos",
"publicKeyPem": "-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAO ... -----END PUBLIC KEY-----"
}