refactor: Change config private key type to K256Secret
#30
2 changed files with 4 additions and 16 deletions
|
@ -71,11 +71,10 @@ pub async fn signature_check(
|
||||||
};
|
};
|
||||||
|
|
||||||
if !utils::is_valid_nonce(&signature, &depot.nonce_cache()).await
|
if !utils::is_valid_nonce(&signature, &depot.nonce_cache()).await
|
||||||
|| !utils::is_valid_signature(
|
|| !depot.config().server.private_key.verify(
|
||||||
&sender_public_key,
|
|
||||||
&depot.config().server.private_key,
|
|
||||||
&signature,
|
|
||||||
data.as_bytes(),
|
data.as_bytes(),
|
||||||
|
&signature,
|
||||||
|
&sender_public_key,
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
write_err("Invalid signature", UNAUTHORIZED);
|
write_err("Invalid signature", UNAUTHORIZED);
|
||||||
|
|
|
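Review bot: In the `if` condition of `signature_check`, `utils::is_valid_nonce(...)` still runs before the new `private_key.verify(...)` call, so the nonce cache is touched for requests whose signature has not yet been authenticated. If `is_valid_nonce` records the nonce as used (only its final `new_timestamp && unused_nonce` is visible on this page, so this is an assumption to confirm), unauthenticated requests could grow the cache or mark nonces as spent. Verifying first and letting `||` short-circuit avoids that: `if !depot.config().server.private_key.verify(data.as_bytes(), &signature, &sender_public_key) || !utils::is_valid_nonce(&signature, &depot.nonce_cache()).await`. The cost is a key operation on every request before the cheaper nonce lookup, which deserves a short comment next to the condition. The body of `signature_check` starts and ends outside this hunk.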
@ -22,8 +22,7 @@ use chrono::Utc;
|
||||||
use logcall::logcall;
|
use logcall::logcall;
|
||||||
use oxidetalis_config::Postgres;
|
use oxidetalis_config::Postgres;
|
||||||
use oxidetalis_core::{
|
use oxidetalis_core::{
|
||||||
cipher::K256Secret,
|
types::{PublicKey, Signature},
|
||||||
types::{PrivateKey, PublicKey, Signature},
|
|
||||||
PUBLIC_KEY_HEADER,
|
PUBLIC_KEY_HEADER,
|
||||||
SIGNATURE_HEADER,
|
SIGNATURE_HEADER,
|
||||||
};
|
};
|
||||||
|
@ -50,16 +49,6 @@ pub(crate) async fn is_valid_nonce(signature: &Signature, nonce_cache: &NonceCac
|
||||||
new_timestamp && unused_nonce
|
new_timestamp && unused_nonce
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Returns true if the given signature is valid.
|
|
||||||
pub(crate) fn is_valid_signature(
|
|
||||||
signer: &PublicKey,
|
|
||||||
private_key: &PrivateKey,
|
|
||||||
signature: &Signature,
|
|
||||||
data: &[u8],
|
|
||||||
) -> bool {
|
|
||||||
K256Secret::from_privkey(private_key).verify(data, signature, signer)
|
|
||||||
}
|
|
||||||
|
|
||||||
/// Extract the sender public key from the request
|
/// Extract the sender public key from the request
|
||||||
///
|
///
|
||||||
/// Returns the public key of the sender extracted from the request, or the
|
/// Returns the public key of the sender extracted from the request, or the
|
||||||
|
|