Code style improvement
This commit is contained in:
parent
3466e55548
commit
0d6a2af851
@ -97,46 +97,47 @@ impl SignatureValidity {
|
|||||||
}
|
}
|
||||||
|
|
||||||
pub fn verify_http_headers<S: Signer+::std::fmt::Debug>(sender: &S, all_headers: HeaderMap, data: String) -> SignatureValidity{
|
pub fn verify_http_headers<S: Signer+::std::fmt::Debug>(sender: &S, all_headers: HeaderMap, data: String) -> SignatureValidity{
|
||||||
if let Some(sig_header) = all_headers.get_one("Signature") {
|
let sig_header = all_headers.get_one("Signature");
|
||||||
let mut _key_id = None;
|
if sig_header.is_none() {
|
||||||
let mut _algorithm = None;
|
return SignatureValidity::Absent
|
||||||
let mut headers = None;
|
}
|
||||||
let mut signature = None;
|
let sig_header = sig_header.unwrap();
|
||||||
for part in sig_header.split(',') {
|
|
||||||
match part {
|
let mut _key_id = None;
|
||||||
part if part.starts_with("keyId=") => _key_id = Some(&part[7..part.len()-1]),
|
let mut _algorithm = None;
|
||||||
part if part.starts_with("algorithm=") => _algorithm = Some(&part[11..part.len()-1]),
|
let mut headers = None;
|
||||||
part if part.starts_with("headers=") => headers = Some(&part[9..part.len()-1]),
|
let mut signature = None;
|
||||||
part if part.starts_with("signature=") => signature = Some(&part[11..part.len()-1]),
|
for part in sig_header.split(',') {
|
||||||
_ => {},
|
match part {
|
||||||
}
|
part if part.starts_with("keyId=") => _key_id = Some(&part[7..part.len()-1]),
|
||||||
}
|
part if part.starts_with("algorithm=") => _algorithm = Some(&part[11..part.len()-1]),
|
||||||
if signature.is_some() && headers.is_some() {
|
part if part.starts_with("headers=") => headers = Some(&part[9..part.len()-1]),
|
||||||
let headers = headers.unwrap().split_whitespace().collect::<Vec<_>>();
|
part if part.starts_with("signature=") => signature = Some(&part[11..part.len()-1]),
|
||||||
let signature = signature.unwrap();
|
_ => {},
|
||||||
let h = headers.iter()
|
|
||||||
.map(|header| (header,all_headers.get_one(header)))
|
|
||||||
.map(|(header, value)| format!("{}: {}", header.to_lowercase(), value.unwrap_or("")))
|
|
||||||
.collect::<Vec<_>>().join("\n");
|
|
||||||
if sender.verify(h, base64::decode(signature).unwrap_or(Vec::new())) {
|
|
||||||
if headers.contains(&"digest") {
|
|
||||||
let digest = all_headers.get_one("digest").unwrap_or("");
|
|
||||||
let digest = request::Digest::from_header(digest);
|
|
||||||
if digest.map(|d| d.verify(data)).unwrap_or(false) {
|
|
||||||
SignatureValidity::Valid
|
|
||||||
} else {
|
|
||||||
SignatureValidity::Invalid
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
SignatureValidity::ValidNoDigest
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
SignatureValidity::Invalid
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
SignatureValidity::Invalid
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if signature.is_none() || headers.is_none() {//missing part of the header
|
||||||
|
return SignatureValidity::Invalid
|
||||||
|
}
|
||||||
|
let headers = headers.unwrap().split_whitespace().collect::<Vec<_>>();
|
||||||
|
let signature = signature.unwrap();
|
||||||
|
let h = headers.iter()
|
||||||
|
.map(|header| (header,all_headers.get_one(header)))
|
||||||
|
.map(|(header, value)| format!("{}: {}", header.to_lowercase(), value.unwrap_or("")))
|
||||||
|
.collect::<Vec<_>>().join("\n");
|
||||||
|
|
||||||
|
if !sender.verify(h, base64::decode(signature).unwrap_or(Vec::new())) {
|
||||||
|
return SignatureValidity::Invalid
|
||||||
|
}
|
||||||
|
if !headers.contains(&"digest") {// signature is valid, but body content is not verified
|
||||||
|
return SignatureValidity::ValidNoDigest
|
||||||
|
}
|
||||||
|
let digest = all_headers.get_one("digest").unwrap_or("");
|
||||||
|
let digest = request::Digest::from_header(digest);
|
||||||
|
if !digest.map(|d| d.verify(data)).unwrap_or(false) {// signature was valid, but body content does not match its digest
|
||||||
|
SignatureValidity::Invalid
|
||||||
} else {
|
} else {
|
||||||
SignatureValidity::Absent
|
SignatureValidity::Valid// all check passed
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user