httpMessageSignatureAcceptable

packages/backend/src/server/NodeinfoServerService.ts

@@ -37,12 +37,12 @@ export class NodeinfoServerService {
 	@bindThis
 	public getLinks() {
 		return [{
-				rel: 'http://nodeinfo.diaspora.software/ns/schema/2.1',
-				href: this.config.url + nodeinfo2_1path
-			}, {
-				rel: 'http://nodeinfo.diaspora.software/ns/schema/2.0',
-				href: this.config.url + nodeinfo2_0path,
-			}];
+			rel: 'http://nodeinfo.diaspora.software/ns/schema/2.1',
+			href: this.config.url + nodeinfo2_1path,
+		}, {
+			rel: 'http://nodeinfo.diaspora.software/ns/schema/2.0',
+			href: this.config.url + nodeinfo2_0path,
+		}];
 	}
 
 	@bindThis
@@ -94,6 +94,45 @@ export class NodeinfoServerService {
 					localComments: 0,
 				},
 				metadata: {
+					httpMessageSignatureAcceptable: [
+						{
+							version: 'draft-ietf-httpbis-message-signatures-02',
+							/**
+							 * https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-message-signatures-02#name-initial-contents
+							 */
+							algorithms: [
+								'hs2019',
+								// 'rsa-sha1', [Deprecated]
+								'rsa-sha256',
+								'hmac-sha256',
+								'ecdsa-sha256',
+							],
+							/**
+							 * https://datatracker.ietf.org/doc/html/rfc9421#section-6.2
+							 */
+							hs2019: [
+								'ecdsa-p384-sha384',
+								'ed25519',
+							],
+						},
+						/**
+						 * rfc9421 algorithms:
+						 * https://datatracker.ietf.org/doc/html/rfc9421#section-6.2
+						 * Misskeyはnode:crypto.verifyに食わせるだけなので、だいたいなんでもいけるはず
+						 */
+						/*{
+							version: 'rfc9421',
+							algorithms: [
+								'rsa-pss-sha512',
+								'rsa-v1_5-sha256',
+								'hmac-sha256',
+								'ecdsa-p256-sha256',
+								'ecdsa-p384-sha384',
+								'ed25519',
+							],
+						},*/
+					],
+
 					nodeName: meta.name,
 					nodeDescription: meta.description,
 					nodeAdmins: [{