Improve error in signature verification (again)

This commit is contained in:
asonix 2022-11-22 15:25:42 -06:00
parent 5cd0b21ae3
commit ab7d940de9
2 changed files with 8 additions and 2 deletions

View file

@ -103,6 +103,9 @@ pub(crate) enum ErrorKind {
#[error("Couldn't read signature")]
ReadSignature(signature::Error),
#[error("Couldn't verify signature")]
VerifySignature(signature::Error),
#[error("Couldn't parse the signature header")]
HeaderValidation(#[from] actix_web::http::header::InvalidHeaderValue),

View file

@ -16,7 +16,7 @@ use std::{future::Future, pin::Pin};
pub(crate) struct MyVerify(pub Requests, pub ActorCache, pub State);
impl MyVerify {
#[tracing::instrument("Verify signature", skip(self, signature))]
#[tracing::instrument("Verify request", skip(self, signature, signing_string))]
async fn verify(
&self,
algorithm: Option<Algorithm>,
@ -106,6 +106,7 @@ impl PublicKeyResponse {
}
}
#[tracing::instrument("Verify signature")]
async fn do_verify(
public_key: &str,
signature: String,
@ -121,7 +122,9 @@ async fn do_verify(
let hashed = Sha256::new_with_prefix(signing_string.as_bytes());
let verifying_key = VerifyingKey::new_with_prefix(public_key);
verifying_key.verify_digest(hashed, &signature)?;
verifying_key
.verify_digest(hashed, &signature)
.map_err(ErrorKind::VerifySignature)?;
Ok(()) as Result<(), Error>
})