art-dag/activity-pub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: RSA key management for ActivityPub signing

Browse Source 
- keys.py: Generate/load RSA-2048 keypairs, sign activities
- setup_keys.py: CLI to generate keys
- Real RsaSignature2017 signing (falls back to placeholder if no keys)
- Public key included in actor profile
- Private keys gitignored

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
gilesb
2026-01-07 13:51:58 +00:00
parent acaf3a0ffa
commit dec5266554
6 changed files with 226 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
setup_keys.py Executable file
View File

@@ -0,0 +1,51 @@
#!/usr/bin/env python3
"""
Generate RSA keypair for ActivityPub signing.
Usage:
python setup_keys.py [--data-dir /path/to/data] [--user username]
"""
import argparse
import os
from pathlib import Path
from keys import generate_keypair, has_keys, get_keys_dir
def main():
parser = argparse.ArgumentParser(description="Generate RSA keypair for L2 server")
parser.add_argument("--data-dir", default=os.environ.get("ARTDAG_DATA", str(Path.home() / ".artdag" / "l2")),
help="Data directory")
parser.add_argument("--user", default=os.environ.get("ARTDAG_USER", "giles"),
help="Username")
parser.add_argument("--force", action="store_true",
help="Overwrite existing keys")
args = parser.parse_args()
data_dir = Path(args.data_dir)
username = args.user
print(f"Data directory: {data_dir}")
print(f"Username: {username}")
if has_keys(data_dir, username) and not args.force:
print(f"\nKeys already exist for {username}!")
print(f" Private: {get_keys_dir(data_dir) / f'{username}.pem'}")
print(f" Public: {get_keys_dir(data_dir) / f'{username}.pub'}")
print("\nUse --force to regenerate (will invalidate existing signatures)")
return
print("\nGenerating RSA-2048 keypair...")
private_pem, public_pem = generate_keypair(data_dir, username)
keys_dir = get_keys_dir(data_dir)
print(f"\nKeys generated:")
print(f" Private: {keys_dir / f'{username}.pem'} (chmod 600)")
print(f" Public: {keys_dir / f'{username}.pub'}")
print(f"\nPublic key (for verification):")
print(public_pem)
if __name__ == "__main__":
main()