aboutsummaryrefslogtreecommitdiff
path: root/src/api/signature.rs
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2021-02-20 00:13:07 +0100
committerAlex Auvolat <alex@adnab.me>2021-02-20 00:13:07 +0100
commit10b983b8e7076b385f28f9c79cae19882b1db951 (patch)
tree63636984abbbacfceafb36244ad9b4d1518d1736 /src/api/signature.rs
parent1de96248e0e4aae27995eb08e9019842b327d1a3 (diff)
downloadgarage-10b983b8e7076b385f28f9c79cae19882b1db951.tar.gz
garage-10b983b8e7076b385f28f9c79cae19882b1db951.zip
Add verification of part numbers in CompleteMultipartUpload (WIP #30)
Diffstat (limited to 'src/api/signature.rs')
-rw-r--r--src/api/signature.rs10
1 files changed, 9 insertions, 1 deletions
diff --git a/src/api/signature.rs b/src/api/signature.rs
index 0ee47961..a9876462 100644
--- a/src/api/signature.rs
+++ b/src/api/signature.rs
@@ -6,7 +6,7 @@ use hyper::{Body, Method, Request};
use sha2::{Digest, Sha256};
use garage_table::*;
-use garage_util::data::Hash;
+use garage_util::data::{hash, Hash};
use garage_model::garage::Garage;
use garage_model::key_table::*;
@@ -293,3 +293,11 @@ fn canonical_query_string(uri: &hyper::Uri) -> String {
"".to_string()
}
}
+
+pub fn verify_signed_content(content_sha256: Option<Hash>, body: &[u8]) -> Result<(), Error> {
+ let expected_sha256 = content_sha256.ok_or_bad_request("Request content hash not signed, aborting.")?;
+ if expected_sha256 != hash(body) {
+ return Err(Error::BadRequest(format!("Request content hash does not match signed hash")));
+ }
+ Ok(())
+}