forked from alemi/upub
feat: parse some algorithms for digest, all rsa
This commit is contained in:
parent
4a99a3dc40
commit
be75ac33d1
1 changed files with 16 additions and 2 deletions
18
src/auth.rs
18
src/auth.rs
|
@ -72,9 +72,8 @@ where
|
|||
.join("\n");
|
||||
|
||||
let user = ctx.fetch().user(&user_id).await.map_err(|_e| StatusCode::UNAUTHORIZED)?;
|
||||
// TODO we should choose algo depending on http signature requested algo
|
||||
let pubkey = PKey::public_key_from_pem(user.public_key.as_bytes()).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)?;
|
||||
let mut verifier = Verifier::new(MessageDigest::sha256(), &pubkey).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)?;
|
||||
let mut verifier = Verifier::new(signature.digest(), &pubkey).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)?;
|
||||
verifier.update(data.as_bytes()).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)?;
|
||||
if verifier.verify(signature.signature.as_bytes()).map_err(|_e| StatusCode::INTERNAL_SERVER_ERROR)? {
|
||||
identity = Identity::Remote(user_id);
|
||||
|
@ -94,6 +93,21 @@ pub struct HttpSignature {
|
|||
signature: String,
|
||||
}
|
||||
|
||||
impl HttpSignature {
|
||||
pub fn digest(&self) -> MessageDigest {
|
||||
match self.algorithm.as_str() {
|
||||
"rsa-sha512" => MessageDigest::sha512(),
|
||||
"rsa-sha384" => MessageDigest::sha384(),
|
||||
"rsa-sha256" => MessageDigest::sha256(),
|
||||
"rsa-sha1" => MessageDigest::sha1(),
|
||||
_ => {
|
||||
tracing::error!("unknown digest algorithm, trying with rsa-sha256");
|
||||
MessageDigest::sha256()
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl TryFrom<&str> for HttpSignature {
|
||||
type Error = StatusCode; // TODO: quite ad hoc...
|
||||
|
||||
|
|
Loading…
Reference in a new issue