1 files changed, 54 insertions, 0 deletions
diff --git a/http.c b/http.c
index 7c9b598..8062806 100644
--- a/http.c
+++ b/http.c
@@ -99,3 +99,57 @@ d_char *http_signed_request(snac *snac, char *method, char *url,
    return response;
 }
+int check_signature(snac *snac, char *req)
+/* check the signature */
+{
+    char *sig_hdr = xs_dict_get(req, "signature");
+    xs *keyId = NULL;
+    xs *headers = NULL;
+    xs *signature = NULL;
+    char *pubkey;
+    char *p;
+    {
+        /* extract the values */
+        xs *l = xs_split(sig_hdr, ",");
+        char *v;
+        p = l;
+        while (xs_list_iter(&p, &v)) {
+            if (xs_startswith(v, "keyId"))
+                keyId = xs_crop(xs_dup(v), 7, -1);
+            else
+            if (xs_startswith(v, "headers"))
+                headers = xs_crop(xs_dup(v), 9, -1);
+            else
+            if (xs_startswith(v, "signature"))
+                signature = xs_crop(xs_dup(v), 12, -1);
+        }
+    }
+    if (keyId == NULL || headers == NULL || signature == NULL) {
+        snac_debug(snac, 1, xs_fmt("bad signature header"));
+        return 0;
+    }
+    /* strip the # from the keyId */
+    if ((p = strchr(keyId, '#')) != NULL)
+        *p = '\0';
+    /* the actor must already be here */
+    xs *actor = NULL;
+    if (!valid_status(actor_get(snac, keyId, &actor))) {
+        snac_debug(snac, 1, xs_fmt("check_signature unknown actor %s", keyId));
+        return 0;
+    }
+    if ((p = xs_dict_get(actor, "publicKey")) == NULL ||
+        ((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) {
+        snac_debug(snac, 1, xs_fmt("cannot get pubkey from actor %s", keyId));
+        return 0;
+    }
+    return 1;
+}

diff --git a/http.c b/http.c index 7c9b598..8062806 100644 --- a/http.c +++ b/http.c
@@ -99,3 +99,57 @@ d_char http_signed_request(snac snac, char method, char url,
99		99
100	return response;	100	return response;
101	}	101	}
		102
		103
		104	int check_signature(snac snac, char req)
		105	/* check the signature */
		106	{
		107	char *sig_hdr = xs_dict_get(req, "signature");
		108	xs *keyId = NULL;
		109	xs *headers = NULL;
		110	xs *signature = NULL;
		111	char *pubkey;
		112	char *p;
		113
		114	{
		115	/* extract the values */
		116	xs *l = xs_split(sig_hdr, ",");
		117	char *v;
		118
		119	p = l;
		120	while (xs_list_iter(&p, &v)) {
		121	if (xs_startswith(v, "keyId"))
		122	keyId = xs_crop(xs_dup(v), 7, -1);
		123	else
		124	if (xs_startswith(v, "headers"))
		125	headers = xs_crop(xs_dup(v), 9, -1);
		126	else
		127	if (xs_startswith(v, "signature"))
		128	signature = xs_crop(xs_dup(v), 12, -1);
		129	}
		130	}
		131
		132	if (keyId == NULL \|\| headers == NULL \|\| signature == NULL) {
		133	snac_debug(snac, 1, xs_fmt("bad signature header"));
		134	return 0;
		135	}
		136
		137	/* strip the # from the keyId */
		138	if ((p = strchr(keyId, '#')) != NULL)
		139	*p = '\0';
		140
		141	/* the actor must already be here */
		142	xs *actor = NULL;
		143	if (!valid_status(actor_get(snac, keyId, &actor))) {
		144	snac_debug(snac, 1, xs_fmt("check_signature unknown actor %s", keyId));
		145	return 0;
		146	}
		147
		148	if ((p = xs_dict_get(actor, "publicKey")) == NULL \|\|
		149	((pubkey = xs_dict_get(p, "publicKeyPem")) == NULL)) {
		150	snac_debug(snac, 1, xs_fmt("cannot get pubkey from actor %s", keyId));
		151	return 0;
		152	}
		153
		154	return 1;
		155	}