Make Plume compile on release (#365)
* Remove use of String for body parameters Create SignedJson and implement FromData for it * Make Travis test on release * Remove warning when installing and fix coverage
This commit is contained in:
@@ -41,6 +41,10 @@ impl Digest {
|
||||
}
|
||||
}
|
||||
|
||||
pub fn verify_header(&self, other: &Digest) -> bool {
|
||||
self.value()==other.value()
|
||||
}
|
||||
|
||||
pub fn algorithm(&self) -> &str {
|
||||
let pos = self
|
||||
.0
|
||||
@@ -69,6 +73,13 @@ impl Digest {
|
||||
Err(())
|
||||
}
|
||||
}
|
||||
|
||||
pub fn from_body(body: &str) -> Self {
|
||||
let mut hasher = Hasher::new(MessageDigest::sha256()).expect("Digest::digest: initialization error");
|
||||
hasher.update(body.as_bytes()).expect("Digest::digest: content insertion error");
|
||||
let res = base64::encode(&hasher.finish().expect("Digest::digest: finalizing error"));
|
||||
Digest(format!("SHA-256={}", res))
|
||||
}
|
||||
}
|
||||
|
||||
pub fn headers() -> HeaderMap {
|
||||
|
||||
@@ -129,7 +129,7 @@ impl SignatureValidity {
|
||||
pub fn verify_http_headers<S: Signer + ::std::fmt::Debug>(
|
||||
sender: &S,
|
||||
all_headers: &HeaderMap,
|
||||
data: &str,
|
||||
data: &request::Digest,
|
||||
) -> SignatureValidity {
|
||||
let sig_header = all_headers.get_one("Signature");
|
||||
if sig_header.is_none() {
|
||||
@@ -176,7 +176,7 @@ pub fn verify_http_headers<S: Signer + ::std::fmt::Debug>(
|
||||
}
|
||||
let digest = all_headers.get_one("digest").unwrap_or("");
|
||||
let digest = request::Digest::from_header(digest);
|
||||
if !digest.map(|d| d.verify(&data)).unwrap_or(false) {
|
||||
if !digest.map(|d| d.verify_header(&data)).unwrap_or(false) {
|
||||
// signature was valid, but body content does not match its digest
|
||||
return SignatureValidity::Invalid;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user