diff options
Diffstat (limited to 'src/api/signature.rs')
| -rw-r--r-- | src/api/signature.rs | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/api/signature.rs b/src/api/signature.rs index 0ee47961..a9876462 100644 --- a/src/api/signature.rs +++ b/src/api/signature.rs @@ -6,7 +6,7 @@ use hyper::{Body, Method, Request}; use sha2::{Digest, Sha256}; use garage_table::*; -use garage_util::data::Hash; +use garage_util::data::{hash, Hash}; use garage_model::garage::Garage; use garage_model::key_table::*; @@ -293,3 +293,11 @@ fn canonical_query_string(uri: &hyper::Uri) -> String { "".to_string() } } + +pub fn verify_signed_content(content_sha256: Option<Hash>, body: &[u8]) -> Result<(), Error> { + let expected_sha256 = content_sha256.ok_or_bad_request("Request content hash not signed, aborting.")?; + if expected_sha256 != hash(body) { + return Err(Error::BadRequest(format!("Request content hash does not match signed hash"))); + } + Ok(()) +} |