From 5d3c222774c104104636e336802c5c3d26a13f95 Mon Sep 17 00:00:00 2001 From: alemi Date: Sat, 13 Apr 2024 06:02:50 +0200 Subject: [PATCH] fix: verify_oneshot, maybe makes a difference? --- src/errors.rs | 3 +++ src/server/auth.rs | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/errors.rs b/src/errors.rs index 7029d7f7..336463bf 100644 --- a/src/errors.rs +++ b/src/errors.rs @@ -17,6 +17,9 @@ pub enum UpubError { #[error("fetch error: {0}")] Reqwest(#[from] reqwest::Error), + + #[error("invalid base64 string: {0}")] + Base64(#[from] base64::DecodeError), } impl UpubError { diff --git a/src/server/auth.rs b/src/server/auth.rs index 61291809..27a8744e 100644 --- a/src/server/auth.rs +++ b/src/server/auth.rs @@ -89,9 +89,9 @@ where fn verify_control_text(txt: &str, key: &str, control: &str) -> crate::Result { let pubkey = PKey::public_key_from_pem(key.as_bytes())?; - let mut verifier = Verifier::new(MessageDigest::sha256(), &pubkey).unwrap(); - verifier.update(txt.as_bytes())?; - Ok(verifier.verify(&base64::prelude::BASE64_URL_SAFE.decode(control).unwrap_or_default())?) + let mut verifier = Verifier::new(MessageDigest::sha256(), &pubkey)?; + let signature = base64::prelude::BASE64_URL_SAFE.decode(control)?; + Ok(verifier.verify_oneshot(&signature, txt.as_bytes())?) }