1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
use crate::{DigestName, DigestPart, VerifyDigest};
use sha2::{Sha224, Sha256, Sha384, Sha512};
impl DigestName for Sha224 {
const NAME: &'static str = "SHA-244";
}
impl DigestName for Sha256 {
const NAME: &'static str = "SHA-256";
}
impl DigestName for Sha384 {
const NAME: &'static str = "SHA-384";
}
impl DigestName for Sha512 {
const NAME: &'static str = "SHA-512";
}
fn verify<D: sha2::Digest + sha2::digest::FixedOutputReset>(
digest: &mut D,
name: &str,
parts: &[DigestPart],
) -> bool {
use subtle::ConstantTimeEq;
if let Some(decoded) = parts.iter().find_map(|p| {
if p.algorithm.to_lowercase() == name.to_lowercase() {
base64::decode(&p.digest).ok()
} else {
None
}
}) {
return digest.finalize_reset().ct_eq(&decoded).into();
}
false
}
impl VerifyDigest for Sha224 {
fn update(&mut self, part: &[u8]) {
sha2::Digest::update(self, part);
}
fn verify(&mut self, parts: &[DigestPart]) -> bool {
verify(self, Self::NAME, parts)
}
}
impl VerifyDigest for Sha256 {
fn update(&mut self, part: &[u8]) {
sha2::Digest::update(self, part);
}
fn verify(&mut self, parts: &[DigestPart]) -> bool {
verify(self, Self::NAME, parts)
}
}
impl VerifyDigest for Sha384 {
fn update(&mut self, part: &[u8]) {
sha2::Digest::update(self, part);
}
fn verify(&mut self, parts: &[DigestPart]) -> bool {
verify(self, Self::NAME, parts)
}
}
impl VerifyDigest for Sha512 {
fn update(&mut self, part: &[u8]) {
sha2::Digest::update(self, part);
}
fn verify(&mut self, parts: &[DigestPart]) -> bool {
verify(self, Self::NAME, parts)
}
}