activitypub-federation-rust/src/core/axum/digest.rs

use axum::http::HeaderValue;
use sha2::{Digest, Sha256};

#[derive(Clone, Debug)]
pub struct DigestPart {
    pub algorithm: String,
    pub digest: String,
}

impl DigestPart {
    pub fn try_from_header(h: &HeaderValue) -> Option<Vec<DigestPart>> {
        let h = h.to_str().ok()?.split(';').next()?;
        let v: Vec<_> = h
            .split(',')
            .filter_map(|p| {
                let mut iter = p.splitn(2, '=');
                iter.next()
                    .and_then(|alg| iter.next().map(|value| (alg, value)))
            })
            .map(|(alg, value)| DigestPart {
                algorithm: alg.to_owned(),
                digest: value.to_owned(),
            })
            .collect();

        if v.is_empty() {
            None
        } else {
            Some(v)
        }
    }
}

pub fn verify_sha256(digests: &[DigestPart], payload: &[u8]) -> bool {
    let mut hasher = Sha256::new();

    for part in digests {
        hasher.update(payload);
        if base64::encode(hasher.finalize_reset()) != part.digest {
            return false;
        }
    }

    true
}
feat: add axum compat (#12) * feat: add actix feature flag * (WIP)feat: add axum feature * WIP: axum veridy digest + example Note: this does not compile yet * WIP * chore: clippy lints * Use actix rt for axum example * ci: run example in CI for both actix and axum * feat: add json wrapper type for axum * docs: update readme with actix and axum feature flags * fix: fix ci * chore: more clippy lints * refactor: update according to PR comment and factorize 'verify_digest' 2022-11-28 13:19:56 -08:00			`use axum::http::HeaderValue;`
			`use sha2::{Digest, Sha256};`

			`#[derive(Clone, Debug)]`
			`pub struct DigestPart {`
			`pub algorithm: String,`
			`pub digest: String,`
			`}`

			`impl DigestPart {`
			`pub fn try_from_header(h: &HeaderValue) -> Option<Vec<DigestPart>> {`
			`let h = h.to_str().ok()?.split(';').next()?;`
			`let v: Vec<_> = h`
			`.split(',')`
			`.filter_map(\|p\| {`
			`let mut iter = p.splitn(2, '=');`
			`iter.next()`
			`.and_then(\|alg\| iter.next().map(\|value\| (alg, value)))`
			`})`
			`.map(\|(alg, value)\| DigestPart {`
			`algorithm: alg.to_owned(),`
			`digest: value.to_owned(),`
			`})`
			`.collect();`

			`if v.is_empty() {`
			`None`
			`} else {`
			`Some(v)`
			`}`
			`}`
			`}`

			`pub fn verify_sha256(digests: &[DigestPart], payload: &[u8]) -> bool {`
			`let mut hasher = Sha256::new();`

			`for part in digests {`
			`hasher.update(payload);`
			`if base64::encode(hasher.finalize_reset()) != part.digest {`
			`return false;`
			`}`
			`}`

			`true`
			`}`