diff --git a/plume-common/src/activity_pub/sign.rs b/plume-common/src/activity_pub/sign.rs
index eb82a326..9d2f39ce 100644
--- a/plume-common/src/activity_pub/sign.rs
+++ b/plume-common/src/activity_pub/sign.rs
@@ -20,6 +20,8 @@ pub trait Signer {
 
 /// Sign some data with the signer keypair
 fn sign(&self, to_sign: String) -> Vec;
+ /// Verify if the signature is valid
+ fn verify(&self, data: String, signature: Vec) -> bool;
 }
 
 pub trait Signable {
diff --git a/plume-models/src/blogs.rs b/plume-models/src/blogs.rs
index c825f6aa..3018d090 100644
--- a/plume-models/src/blogs.rs
+++ b/plume-models/src/blogs.rs
@@ -12,7 +12,7 @@ use openssl::{
 hash::MessageDigest,
 pkey::{PKey, Private},
 rsa::Rsa,
- sign::Signer
+ sign::{Signer,Verifier}
 };
 use webfinger::*;
 
@@ -309,6 +309,13 @@ impl sign::Signer for Blog {
 signer.update(to_sign.as_bytes()).unwrap();
 signer.sign_to_vec().unwrap()
 }
+
+ fn verify(&self, data: String, signature: Vec) -> bool {
+ let key = PKey::from_rsa(Rsa::public_key_from_pem(self.public_key.as_ref()).unwrap()).unwrap();
+ let mut verifier = Verifier::new(MessageDigest::sha256(), &key).unwrap();
+ verifier.update(data.as_bytes()).unwrap();
+ verifier.verify(&signature).unwrap()
+ }
 }
 
 impl NewBlog {
diff --git a/plume-models/src/users.rs b/plume-models/src/users.rs
index d8addb19..58d01b55 100644
--- a/plume-models/src/users.rs
+++ b/plume-models/src/users.rs
@@ -604,6 +604,13 @@ impl Signer for User {
 signer.update(to_sign.as_bytes()).unwrap();
 signer.sign_to_vec().unwrap()
 }
+
+ fn verify(&self, data: String, signature: Vec) -> bool {
+ let key = PKey::from_rsa(Rsa::public_key_from_pem(self.public_key.as_ref()).unwrap()).unwrap();
+ let mut verifier = sign::Verifier::new(MessageDigest::sha256(), &key).unwrap();
+ verifier.update(data.as_bytes()).unwrap();
+ verifier.verify(&signature).unwrap()
+ }
 }
 
 impl NewUser {
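Review bot: The new `verify` declaration in the `Signer` trait (plume-common/src/activity_pub/sign.rs) does not say what an implementation must do when the key or the signature is malformed, and with a bare `bool` return both implementations added in this commit settle that by panicking. I would state the contract in the doc comment, for example `/// Returns true only if signature is a valid signature of data under this signer's public key; malformed keys or signatures yield false, never a panic.` Adding `#[must_use]` above the method would also make the compiler warn when a caller drops the result, which for a signature check means treating unverified data as verified.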
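Review bot: Every fallible step of `Blog::verify` in plume-models/src/blogs.rs ends in `.unwrap()`, so a malformed PEM in `self.public_key` or an OpenSSL error while checking the signature panics instead of failing closed. `signature`, and presumably the stored key of a remote actor, are data this code does not control, so the routine should answer `false` for them rather than abort the caller. `User::verify` in plume-models/src/users.rs has the same body and needs the same change. The fence replaces only the method body and assumes `openssl::error::ErrorStack` is the error type of all the calls involved; the impl block continues outside the hunk.

```rust
// … unchanged: fn verify signature line …
    let check = || -> Result<bool, openssl::error::ErrorStack> {
        let key = PKey::from_rsa(Rsa::public_key_from_pem(self.public_key.as_ref())?)?;
        let mut verifier = Verifier::new(MessageDigest::sha256(), &key)?;
        verifier.update(data.as_bytes())?;
        verifier.verify(&signature)
    };
    // Fail closed: a key-parsing or OpenSSL error counts as "not verified".
    check().unwrap_or(false)
```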
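Review bot: `User::verify` in plume-models/src/users.rs repeats the body of `Blog::verify` line for line, differing only in spelling the type as `sign::Verifier`. Here `sign` has to be OpenSSL's module while `Signer` is the project trait, whereas blogs.rs uses the names the other way round (`sign::Signer` is the trait, bare `Verifier` is OpenSSL's); the imports of users.rs are outside the hunk, so this is inferred. A single helper that takes the PEM public key, the data and the signature, called from both impls, would keep the verification logic and its error handling in one place. The impl block continues outside the hunk.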