author | Magnus Ahltorp <map@kth.se> | 2017-02-18 00:41:07 +0100 |
---|---|---|
committer | Magnus Ahltorp <map@kth.se> | 2017-02-18 00:41:07 +0100 |
commit | 8ecfbfa2a57708366763d7adbfcb87f9b0df7d03 (patch) | |
tree | c73012f287783d061a6bbf015dfe09b5dee1604d /src/http_auth.erl | |
parent | 8feab15047ea459eba1653b77157192f28ae5183 (diff) |
Require that storage servers sign stored entries
Diffstat (limited to 'src/http_auth.erl')
-rw-r--r-- | src/http_auth.erl | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/src/http_auth.erl b/src/http_auth.erl
index ff8c506..276e1cd 100644
--- a/src/http_auth.erl
+++ b/src/http_auth.erl
@@ -2,7 +2,7 @@
 %%% See LICENSE for licensing information.
 -module(http_auth).
--export([verify_auth/4, create_auth/3, init_key_table/0]).
+-export([verify_auth/4, create_auth/3, init_key_table/0, sign_stored/1, verify_stored/3]).
 -define(KEY_TABLE, http_auth_keys).
@@ -135,6 +135,23 @@ verify_auth(AuthHeader, Method, Path, Data) ->
 failure
 end.
+sign_stored(Data) ->
+ {Key, KeyName} = own_key(),
+ Signature = public_key:sign(Data, sha256, Key),
+ {KeyName, Signature}.
+
+verify_stored(KeyName, Data, Signature) ->
+ case lookup_publickey(KeyName) of
+ nokey ->
+ lager:error("key name ~p could not be found", [KeyName]),
+ false;
+ failure ->
+ lager:error("signature ~p with key name ~p and data ~p did not check out", [Signature, KeyName, Data]),
+ false;
+ Key ->
+ public_key:verify(Data, sha256, Signature, Key)
+ end.
+
 create_auth(Method, Path, Data) ->
 case own_key() of
 {Key, KeyName} -> |
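Review bot: In verify_stored the "did not check out" message sits on the `failure` result of lookup_publickey, while a `false` from public_key:verify in the `Key ->` clause is returned without any log line, so a real signature mismatch on a stored entry leaves no trace. Log the mismatch where the verification happens and give the `failure` clause a message about the key lookup; printing all of Data and Signature with ~p is probably more than the log needs, the key name should be enough. Separately, sign_stored takes its key from own_key(), the same call create_auth uses, and verify_stored accepts whatever key lookup_publickey returns for the supplied name; whether callers restrict KeyName to storage servers, and whether the request-auth signing input can ever coincide with stored Data, is not visible in this hunk and is worth confirming. create_auth's body continues outside the hunk.

```erlang
verify_stored(KeyName, Data, Signature) ->
    case lookup_publickey(KeyName) of
        %% … unchanged: nokey clause …
        failure ->
            lager:error("key lookup for key name ~p failed", [KeyName]),
            false;
        Key ->
            case public_key:verify(Data, sha256, Signature, Key) of
                true ->
                    true;
                false ->
                    lager:error("signature with key name ~p did not check out", [KeyName]),
                    false
            end
    end.
```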