diff options
author | Alex Auvolat <alex@adnab.me> | 2021-02-20 00:13:07 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2021-02-20 00:13:07 +0100 |
commit | 10b983b8e7076b385f28f9c79cae19882b1db951 (patch) | |
tree | 63636984abbbacfceafb36244ad9b4d1518d1736 /src/api/signature.rs | |
parent | 1de96248e0e4aae27995eb08e9019842b327d1a3 (diff) | |
download | garage-10b983b8e7076b385f28f9c79cae19882b1db951.tar.gz garage-10b983b8e7076b385f28f9c79cae19882b1db951.zip |
Add verification of part numbers in CompleteMultipartUpload (WIP #30)
Diffstat (limited to 'src/api/signature.rs')
-rw-r--r-- | src/api/signature.rs | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/api/signature.rs b/src/api/signature.rs index 0ee47961..a9876462 100644 --- a/src/api/signature.rs +++ b/src/api/signature.rs @@ -6,7 +6,7 @@ use hyper::{Body, Method, Request}; use sha2::{Digest, Sha256}; use garage_table::*; -use garage_util::data::Hash; +use garage_util::data::{hash, Hash}; use garage_model::garage::Garage; use garage_model::key_table::*; @@ -293,3 +293,11 @@ fn canonical_query_string(uri: &hyper::Uri) -> String { "".to_string() } } + +pub fn verify_signed_content(content_sha256: Option<Hash>, body: &[u8]) -> Result<(), Error> { + let expected_sha256 = content_sha256.ok_or_bad_request("Request content hash not signed, aborting.")?; + if expected_sha256 != hash(body) { + return Err(Error::BadRequest(format!("Request content hash does not match signed hash"))); + } + Ok(()) +} |