mirror of
https://codeberg.org/grunfink/snac2.git
synced 2024-11-14 17:45:04 +00:00
New function check_signature() (incomplete).
parent
c680f15d4e
commit
392c014c26
3 changed files with 59 additions and 1 deletions
|
@ -594,7 +594,10 @@ int process_message(snac *snac, char *msg, char *req)
|
|||
}
|
||||
|
||||
/* check the signature */
|
||||
/* ... */
|
||||
if (!check_signature(snac, req)) {
|
||||
snac_log(snac, xs_fmt("bad signature"));
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (strcmp(type, "Follow") == 0) {
|
||||
xs *reply = msg_accept(snac, msg, actor);
|
||||
|
|
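Review bot: A passing check_signature() here says nothing about who signed, because the call passes only `req` and the keyId from the Signature header is never compared with the `actor` that the `Follow` branch below hands to msg_accept(). Once verification is implemented, a request signed with any cached actor's key would still be accepted for an activity that names a different actor, unless the two are tied together. One way is to compare the keyId (fragment stripped) against `actor` before dispatching on `type`. How `actor` is derived lies outside this hunk, so this may already be constrained earlier in process_message(). The `"bad signature"` log line would also be more useful for triage if it included the actor or keyId.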
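--- a/http.c
+++ b/http.c
@@ -99,3 +99,57 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
 
 return response;
 }
+
+
+int check_signature(snac *snac, char *req)
+/* check the signature */
+{
+char *sig_hdr = xs_dict_get(req, "signature");
+xs *keyId = NULL;
+xs *headers = NULL;
+xs *signature = NULL;
+char *pubkey;
+char *p;
+
+{
+/* extract the values */
+xs *l = xs_split(sig_hdr, ",");
+char *v;
+
+p = l;
+while (xs_list_iter(&p, &v)) {
+if (xs_startswith(v, "keyId"))
+keyId = xs_crop(xs_dup(v), 7, -1);
+else
+if (xs_startswith(v, "headers"))
+headers = xs_crop(xs_dup(v), 9, -1);
+else
+if (xs_startswith(v, "signature"))
+signature = xs_crop(xs_dup(v), 12, -1);
+}
+}
+
+if (keyId == NULL || headers == NULL || signature == NULL) {
+snac_debug(snac, 1, xs_fmt("bad signature header"));
+return 0;
+}
+
+/* strip the # from the keyId */
+if ((p = strchr(keyId, '#')) != NULL)
+*p = '\0';
+
+/* the actor must already be here */
+xs *actor = NULL;
+if (!valid_status(actor_get(snac, keyId, &actor))) {
+snac_debug(snac, 1, xs_fmt("check_signature unknown actor %s", keyId));
+return 0;
+}
+
+if ((p = xs_dict_get(actor, "publicKey")) == NULL ||
+((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) {
+snac_debug(snac, 1, xs_fmt("cannot get pubkey from actor %s", keyId));
+return 0;
+}
+
+return 1;
+}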
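Review bot: `sig_hdr` goes straight into `xs_split()` with no NULL test, so a request that carries no `signature` header reaches the split with a null pointer; the same `xs_dict_get()` is tested against NULL further down for `publicKey`, so a miss evidently returns NULL. Adding `if (sig_hdr == NULL) { snac_debug(snac, 1, xs_fmt("missing signature header")); return 0; }` before the inner block closes that. The crop offset for `signature` also looks off by one: 7 and 9 are the lengths of `keyId="` and `headers="`, but `signature="` is 11 characters, so `12` would drop the first character of the value (assuming the argument after the string is the start offset). Finally, the function ends in `return 1` without ever using `headers`, `signature` or `pubkey`, so until the verification is written the caller treats "header parsed and key cached" as "signature valid".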
1
snac.h
1
snac.h
|
@ -94,6 +94,7 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
|
|||
d_char *headers,
|
||||
d_char *body, int b_size,
|
||||
int *status, d_char **payload, int *p_size);
|
||||
int check_signature(snac *snac, char *req);
|
||||
|
||||
void httpd(void);
|
||||
|
||||
|
|