Fix hashing sum bug for digests
このコミットが含まれているのは:
コミット
f4c3604119
|
@ -61,7 +61,8 @@ func addDigest(r *http.Request, algo DigestAlgorithm, b []byte) (err error) {
|
|||
if err != nil {
|
||||
return
|
||||
}
|
||||
sum := h.Sum(b)
|
||||
h.Write(b)
|
||||
sum := h.Sum(nil)
|
||||
r.Header.Add(digestHeader,
|
||||
fmt.Sprintf("%s%s%s",
|
||||
a,
|
||||
|
@ -82,7 +83,8 @@ func addDigestResponse(r http.ResponseWriter, algo DigestAlgorithm, b []byte) (e
|
|||
if err != nil {
|
||||
return
|
||||
}
|
||||
sum := h.Sum(b)
|
||||
h.Write(b)
|
||||
sum := h.Sum(nil)
|
||||
r.Header().Add(digestHeader,
|
||||
fmt.Sprintf("%s%s%s",
|
||||
a,
|
||||
|
@ -107,7 +109,8 @@ func verifyDigest(r *http.Request, body *bytes.Buffer) (err error) {
|
|||
if err != nil {
|
||||
return
|
||||
}
|
||||
sum := h.Sum(body.Bytes())
|
||||
h.Write(body.Bytes())
|
||||
sum := h.Sum(nil)
|
||||
encSum := base64.StdEncoding.EncodeToString(sum[:])
|
||||
if encSum != elem[1] {
|
||||
err = fmt.Errorf("cannot verify Digest: header Digest does not match the digest of the request body")
|
||||
|
|
|
@ -23,7 +23,7 @@ func TestAddDigest(t *testing.T) {
|
|||
},
|
||||
algo: "SHA-256",
|
||||
body: []byte("johnny grab your gun"),
|
||||
expectedDigest: "SHA-256=am9obm55IGdyYWIgeW91ciBndW7jsMRCmPwcFJr79MiZb7kkJ65B5GSbk0yklZkbeFK4VQ==",
|
||||
expectedDigest: "SHA-256=RYiuVuVdRpU+BWcNUUg3sf0EbJjQ9LDj9tUqR546hhk=",
|
||||
},
|
||||
{
|
||||
name: "adds sha512 digest",
|
||||
|
@ -33,7 +33,7 @@ func TestAddDigest(t *testing.T) {
|
|||
},
|
||||
algo: "SHA-512",
|
||||
body: []byte("yours is the drill that will pierce the heavens"),
|
||||
expectedDigest: "SHA-512=eW91cnMgaXMgdGhlIGRyaWxsIHRoYXQgd2lsbCBwaWVyY2UgdGhlIGhlYXZlbnPPg+E1fu+4vfFUKFDWbYAH1iDkBQtXFdyD9Kkh02zpzkfQ0TxdhfKw/4MY0od+7C9juTG9R0F6gaU4Mnr5J9o+",
|
||||
expectedDigest: "SHA-512=bM0eBRnZkuiOTsejYNb/UpvFozde+Do1ZqlXfRTS39aGmoEzoXBpjmIIuznPslc3kaprUtI/VXH8/5HsD+thGg==",
|
||||
},
|
||||
{
|
||||
name: "digest already set",
|
||||
|
@ -90,7 +90,7 @@ func TestVerifyDigest(t *testing.T) {
|
|||
name: "verify sha256",
|
||||
r: func() *http.Request {
|
||||
r, _ := http.NewRequest("POST", "example.com", nil)
|
||||
r.Header.Set("Digest", "SHA-256=am9obm55IGdyYWIgeW91ciBndW7jsMRCmPwcFJr79MiZb7kkJ65B5GSbk0yklZkbeFK4VQ==")
|
||||
r.Header.Set("Digest", "SHA-256=RYiuVuVdRpU+BWcNUUg3sf0EbJjQ9LDj9tUqR546hhk=")
|
||||
return r
|
||||
},
|
||||
body: []byte("johnny grab your gun"),
|
||||
|
@ -99,7 +99,7 @@ func TestVerifyDigest(t *testing.T) {
|
|||
name: "verify sha512",
|
||||
r: func() *http.Request {
|
||||
r, _ := http.NewRequest("POST", "example.com", nil)
|
||||
r.Header.Set("Digest", "SHA-512=eW91cnMgaXMgdGhlIGRyaWxsIHRoYXQgd2lsbCBwaWVyY2UgdGhlIGhlYXZlbnPPg+E1fu+4vfFUKFDWbYAH1iDkBQtXFdyD9Kkh02zpzkfQ0TxdhfKw/4MY0od+7C9juTG9R0F6gaU4Mnr5J9o+")
|
||||
r.Header.Set("Digest", "SHA-512=bM0eBRnZkuiOTsejYNb/UpvFozde+Do1ZqlXfRTS39aGmoEzoXBpjmIIuznPslc3kaprUtI/VXH8/5HsD+thGg==")
|
||||
return r
|
||||
},
|
||||
body: []byte("yours is the drill that will pierce the heavens"),
|
||||
|
|
|
@ -84,7 +84,7 @@ func init() {
|
|||
pubKey: privKey.Public(),
|
||||
pubKeyId: "pubKeyId",
|
||||
expectedAlgorithm: RSA_SHA512,
|
||||
expectedDigest: "SHA-256=TGFzdCBuaWdodCBhcyBJIGxheSBkcmVhbWluZyBUaGlzIHN0cmFuZ2VzdCBraW5kIG9mIGZlZWxpbmcgUmV2ZWFsZWQgaXRzIHNlY3JldCBtZWFuaW5nIEFuZCBub3cgSSBrbm93Li4u47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=",
|
||||
expectedDigest: "SHA-256=07PJQngqg8+BlomdI6zM7ieOxhINWI+iivJxBDSm3Dg=",
|
||||
},
|
||||
{
|
||||
name: "hmac signature",
|
||||
|
@ -108,7 +108,7 @@ func init() {
|
|||
pubKey: macKey,
|
||||
pubKeyId: "pubKeyId",
|
||||
expectedAlgorithm: HMAC_SHA256,
|
||||
expectedDigest: "SHA-256=SSd2ZSBuZXZlciBldmVyIGJlZW4gdG8gcGFyYWRpc2UgSSd2ZSBuZXZlciBldmVyIHNlZW4gbm8gYW5nZWwncyBleWVzIFlvdSdsbCBuZXZlciBldmVyIGxldCB0aGlzIG1hZ2ljIGRpZSBObyBtYXR0ZXIgd2hlcmUgeW91IGFyZSwgeW91IGFyZSBteSBsdWNreSBzdGFyLuOwxEKY/BwUmvv0yJlvuSQnrkHkZJuTTKSVmRt4UrhV",
|
||||
expectedDigest: "SHA-256=d0JoDjbDZRZF7/gUdgrazZCdKCJ9z9uUcMd6n1YKWRU=",
|
||||
},
|
||||
{
|
||||
name: "rsa authorization",
|
||||
|
|
読み込み中…
新しいイシューから参照