From d4a5f2422afec007b84f84539d1e27dd711031b8 Mon Sep 17 00:00:00 2001
From: me <me@alloca.space>
Date: Tue, 17 Dec 2024 10:47:00 +0200
Subject: [PATCH] oops, wrong algorithm.

---
 src/Fedi/Crypto.hs         | 18 +++++++++---------
 src/Fedi/Signature/Sign.hs |  2 +-
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/Fedi/Crypto.hs b/src/Fedi/Crypto.hs
index 0811bb5..a2ca4c5 100644
--- a/src/Fedi/Crypto.hs
+++ b/src/Fedi/Crypto.hs
@@ -4,12 +4,11 @@ module Fedi.Crypto where
 
 import Crypto.Hash qualified as Crypto
 import Data.ByteArray qualified as BA
-import Crypto.PubKey.RSA.PSS qualified as Crypto
+import Crypto.PubKey.RSA.PKCS15 qualified as Crypto
 import Crypto.Store.X509 qualified as Crypto
 import Crypto.Store.PKCS8 qualified as Crypto
 import Data.X509 qualified as Crypto
 import Fedi.Helpers
-import Fedi.UserDetails
 import Data.ByteString.Base64 qualified as Base64
 import Data.Base64.Types qualified as Base64
 import Data.Text qualified as T
@@ -20,19 +19,20 @@ verifyPub pubkeypem sig message = do
     case Crypto.readPubKeyFileFromMemory pubkeypem of
       [Crypto.PubKeyRSA pubkey'] -> pure pubkey'
       _ -> throw "failed to read pubkey pem"
-  pure $ Crypto.verify (Crypto.defaultPSSParams Crypto.SHA256) pubkey message sig
+  pure $ Crypto.verify (Just Crypto.SHA256) pubkey message sig
 
-sign :: UserDetails -> ByteString -> IO Signed
-sign details message = do
+sign :: FilePath -> ByteString -> IO Signed
+sign privatePemFile message = do
   -- get private key
-  privkeypem <- Crypto.readKeyFile details.privatePem
+  privkeypem <- Crypto.readKeyFile privatePemFile
   privateKey <- case privkeypem of
     [Crypto.Unprotected (Crypto.PrivKeyRSA privkey)] -> pure privkey
-    _ -> throw $ "error reading local private key from '" <> details.privatePem <> "'."
+    _ -> throw $ "error reading local private key from '" <> privatePemFile <> "'."
 
   -- sign message
-  signedMessage <- either (throw . show) pure =<<
-    Crypto.sign Nothing (Crypto.defaultPSSParams Crypto.SHA256) privateKey message
+  signedMessage <-
+    Crypto.sign Nothing (Just Crypto.SHA256) privateKey message
+      & either (throw . show) pure
 
   -- return
   pure Signed{..}
diff --git a/src/Fedi/Signature/Sign.hs b/src/Fedi/Signature/Sign.hs
index 5b14cad..a6df4d0 100644
--- a/src/Fedi/Signature/Sign.hs
+++ b/src/Fedi/Signature/Sign.hs
@@ -29,7 +29,7 @@ signSignature details host requestTarget body = do
     components = []
     signatureString = makeSignatureString host requestTarget date digest
 
-  signed <- sign details signatureString
+  signed <- sign details.privatePem signatureString
 
   let
     signature = encodeBase64 signed.signedMessage