feat: parse some algorithms for digest, all rsa
This commit is contained in:
parent
4a99a3dc40
commit
be75ac33d1
1 changed files with 16 additions and 2 deletions
18
src/auth.rs
18
src/auth.rs
|
@ -72,9 +72,8 @@ where
|
||||||
.join("\n");
|
.join("\n");
|
||||||
|
|
||||||
let user = ctx.fetch().user(&user_id).await.map_err(|_e| StatusCode::UNAUTHORIZED)?;
|
let user = ctx.fetch().user(&user_id).await.map_err(|_e| StatusCode::UNAUTHORIZED)?;
|
||||||
// TODO we should choose algo depending on http signature requested algo
|
|
||||||
let pubkey = PKey::public_key_from_pem(user.public_key.as_bytes()).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)?;
|
let pubkey = PKey::public_key_from_pem(user.public_key.as_bytes()).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)?;
|
||||||
let mut verifier = Verifier::new(MessageDigest::sha256(), &pubkey).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)?;
|
let mut verifier = Verifier::new(signature.digest(), &pubkey).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)?;
|
||||||
verifier.update(data.as_bytes()).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)?;
|
verifier.update(data.as_bytes()).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)?;
|
||||||
if verifier.verify(signature.signature.as_bytes()).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)? {
|
if verifier.verify(signature.signature.as_bytes()).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)? {
|
||||||
identity = Identity::Remote(user_id);
|
identity = Identity::Remote(user_id);
|
||||||
|
@ -94,6 +93,21 @@ pub struct HttpSignature {
|
||||||
signature: String,
|
signature: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
impl HttpSignature {
|
||||||
|
pub fn digest(&self) -> MessageDigest {
|
||||||
|
match self.algorithm.as_str() {
|
||||||
|
"rsa-sha512" => MessageDigest::sha512(),
|
||||||
|
"rsa-sha384" => MessageDigest::sha384(),
|
||||||
|
"rsa-sha256" => MessageDigest::sha256(),
|
||||||
|
"rsa-sha1" => MessageDigest::sha1(),
|
||||||
|
_ => {
|
||||||
|
tracing::error!("unknown digest algorithm, trying with rsa-sha256");
|
||||||
|
MessageDigest::sha256()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
impl TryFrom<&str> for HttpSignature {
|
impl TryFrom<&str> for HttpSignature {
|
||||||
type Error = StatusCode; // TODO: quite ad hoc...
|
type Error = StatusCode; // TODO: quite ad hoc...
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue