mirror of
https://github.com/ncarlier/webhookd.git
synced 2025-04-06 20:31:31 +00:00

- add ed25519 HTTP signature support - refactor truststore package - add P12 trust store support close #72
package signature
import (
"fmt"
"net/http"
"github.com/go-fed/httpsig"
"github.com/ncarlier/webhookd/pkg/truststore"
)
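// HTTPSignatureHandler validates the HTTP signature carried by the request.
//
// The key ID announced by the request's signature is used to look up a public
// key in the trust store, and the signature is then verified with that key.
// A nil return means verification succeeded; any non-nil error must be
// treated by the caller as a rejected request.
//
// NOTE(review): only the signature check is visible here. Which headers the
// sender is required to sign (request target, date, body digest), and whether
// the body digest is compared with the actual body, cannot be told from this
// function. Confirm against the httpsig library and the caller before relying
// on this for replay or body-tampering protection.
//
// NOTE(review): ts is used without a nil check; confirm callers only invoke
// this handler once a trust store has been loaded.
func HTTPSignatureHandler(r *http.Request, ts truststore.TrustStore) error {
	verifier, err := httpsig.NewVerifier(r)
	if err != nil {
		return err
	}

	// The key ID comes from the request and is therefore untrusted. It is used
	// only as a lookup key, and it is quoted (%q) in the error below so that
	// control characters or escape sequences in it cannot corrupt or forge log
	// lines when the error is reported.
	pubkeyID := verifier.KeyId()
	pubkey := ts.GetPublicKey(pubkeyID)
	if pubkey == nil {
		return fmt.Errorf("public key not found: %q", pubkeyID)
	}

	// TODO dynamic algo
	// The algorithm is fixed here instead of being read from the request, so
	// the sender cannot pick the algorithm used for verification. When this
	// becomes dynamic, derive it from the type of the trusted key rather than
	// from request data. Presumably non-RSA keys held in the trust store fail
	// verification until then (confirm against the trust store contents).
	return verifier.Verify(pubkey, httpsig.RSA_SHA256)
}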