http_signature_normalization_actix_extractor/
sha2_digest.rs1use crate::{DigestName, DigestPart, VerifyDigest};
2use sha2::{Sha224, Sha256, Sha384, Sha512};
3
4impl DigestName for Sha224 {
5 const NAME: &'static str = "SHA-244";
6}
7
8impl DigestName for Sha256 {
9 const NAME: &'static str = "SHA-256";
10}
11
12impl DigestName for Sha384 {
13 const NAME: &'static str = "SHA-384";
14}
15
16impl DigestName for Sha512 {
17 const NAME: &'static str = "SHA-512";
18}
19
20fn verify<D: sha2::Digest + sha2::digest::FixedOutputReset>(
21 digest: &mut D,
22 name: &str,
23 parts: &[DigestPart],
24) -> bool {
25 use subtle::ConstantTimeEq;
26
27 if let Some(decoded) = parts.iter().find_map(|p| {
28 if p.algorithm.to_lowercase() == name.to_lowercase() {
29 base64::decode(&p.digest).ok()
30 } else {
31 None
32 }
33 }) {
34 return digest.finalize_reset().ct_eq(&decoded).into();
35 }
36
37 false
38}
39
40impl VerifyDigest for Sha224 {
41 fn update(&mut self, part: &[u8]) {
42 sha2::Digest::update(self, part);
43 }
44
45 fn verify(&mut self, parts: &[DigestPart]) -> bool {
46 verify(self, Self::NAME, parts)
47 }
48}
49
50impl VerifyDigest for Sha256 {
51 fn update(&mut self, part: &[u8]) {
52 sha2::Digest::update(self, part);
53 }
54
55 fn verify(&mut self, parts: &[DigestPart]) -> bool {
56 verify(self, Self::NAME, parts)
57 }
58}
59
60impl VerifyDigest for Sha384 {
61 fn update(&mut self, part: &[u8]) {
62 sha2::Digest::update(self, part);
63 }
64
65 fn verify(&mut self, parts: &[DigestPart]) -> bool {
66 verify(self, Self::NAME, parts)
67 }
68}
69
70impl VerifyDigest for Sha512 {
71 fn update(&mut self, part: &[u8]) {
72 sha2::Digest::update(self, part);
73 }
74
75 fn verify(&mut self, parts: &[DigestPart]) -> bool {
76 verify(self, Self::NAME, parts)
77 }
78}