Month: June 2018

Using Java signatures in Clojure

A while back I was trying to implement HTTP signatures to use with ActivityPub interactions with Mastodon. In Clojure. There is a go-to library for Clojure when it comes to crypto stuff, but I couldn’t get it to do the specific thing I needed: SHA-256 / RSA signatures. I looked at other options too, but as I’m not familiar with NaCl, that was just a confusing mess of wrappers around Java wrapped around C.

In the end I went with using Java interop to call Bouncy Castle stuff directly. I hate Java and interop in Clojure just feels wrong, but at least I could get it to work. Not to mention if something, Bouncy Castle is maintained. It wasn’t exactly a joyride, but it works. Check out the source if you’re interested (or want to use it). I didn’t make it stand-alone or put it up on Clojars (yet).


Dealing with weird keywords in Clojure specs

Recently I’ve been working on a Clojure implementation for ActivityPub. In the process I wanted to use specs, but I ran into a pretty significant problem. Namely the very first line in basically every single ActivityPub JSON object: { "@context": "https://www.w3.org/ns/activitystreams" }.

Do you see the problem? Well. This JSON will arrive at the server, where it’ll be handled by Cheshire or something along those lines. Point is, keys in JSON maps will end up turned into keywords. Clicked the link? The guide isn’t exactly specific about what can and can’t go into a keyword.