aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--license-generator/Cargo.lock2
-rw-r--r--license-generator/Cargo.toml1
-rw-r--r--license-generator/paddle/Cargo.toml1
-rw-r--r--license-generator/paddle/src/lib.rs24
-rw-r--r--license-generator/src/errors.rs2
-rw-r--r--license-generator/src/lib.rs2
-rw-r--r--license-generator/src/request.rs12
7 files changed, 25 insertions, 19 deletions
diff --git a/license-generator/Cargo.lock b/license-generator/Cargo.lock
index aecdcce..4540e25 100644
--- a/license-generator/Cargo.lock
+++ b/license-generator/Cargo.lock
@@ -282,7 +282,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
name = "license-generator"
version = "0.0.1"
dependencies = [
- "base64 0.10.0 (registry+https://github.com/rust-lang/crates.io-index)",
"error-chain 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)",
"fastcgi 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)",
"log 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -476,6 +475,7 @@ dependencies = [
name = "paddle"
version = "0.0.1"
dependencies = [
+ "base64 0.10.0 (registry+https://github.com/rust-lang/crates.io-index)",
"error-chain 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)",
"openssl 0.10.15 (registry+https://github.com/rust-lang/crates.io-index)",
]
diff --git a/license-generator/Cargo.toml b/license-generator/Cargo.toml
index 3107ee8..b50bec1 100644
--- a/license-generator/Cargo.toml
+++ b/license-generator/Cargo.toml
@@ -3,7 +3,6 @@ name = "license-generator"
version = "0.0.1"
[dependencies]
-base64 = "0.10.0"
error-chain = "0.12.0"
fastcgi = "1.0.0"
log = "0.4.6"
diff --git a/license-generator/paddle/Cargo.toml b/license-generator/paddle/Cargo.toml
index a304aee..34af6d4 100644
--- a/license-generator/paddle/Cargo.toml
+++ b/license-generator/paddle/Cargo.toml
@@ -3,5 +3,6 @@ name = "paddle"
version = "0.0.1"
[dependencies]
+base64 = "0.10.0"
error-chain = "0.12.0"
openssl = "0.10.15"
diff --git a/license-generator/paddle/src/lib.rs b/license-generator/paddle/src/lib.rs
index be10a76..6d685cd 100644
--- a/license-generator/paddle/src/lib.rs
+++ b/license-generator/paddle/src/lib.rs
@@ -1,14 +1,24 @@
+extern crate base64;
+
#[macro_use]
extern crate error_chain;
extern crate openssl;
pub mod errors {
+ use base64;
use openssl;
error_chain! {
foreign_links {
+ Base64(base64::DecodeError);
Openssl(openssl::error::ErrorStack);
}
+
+ errors {
+ SignatureNotFound {
+ display("no signature could be found in params")
+ }
+ }
}
}
@@ -26,21 +36,29 @@ use errors::*;
// https://paddle.com/docs/reference-verifying-webhooks/
pub fn verify_signature<'a, S, I>(
pem: &[u8],
- signature: &[u8],
params: I,
) -> Result<bool>
where
- S: AsRef<str> + Deref<Target = str> + Display,
+ S: AsRef<str> + Deref<Target = str> + PartialEq<str> + PartialOrd + Display,
I: IntoIterator<Item = (S, S)> + PartialOrd,
{
let rsa = Rsa::public_key_from_pem(pem)?;
let pkey = PKey::from_rsa(rsa)?;
let mut verifier = Verifier::new(MessageDigest::sha1(), &pkey)?;
+ let (signature_params, params): (Vec<_>, Vec<_>) = params
+ .into_iter()
+ .partition(|(k, _v)| k == "p_signature");
+ let signature = &signature_params
+ .first()
+ .ok_or(ErrorKind::SignatureNotFound)?
+ .1;
+ let signature = base64::decode(signature.as_bytes())?;
+
let digest = php_serialize(params);
verifier.update(digest.as_bytes())?;
- Ok(verifier.verify(signature)?)
+ Ok(verifier.verify(&signature)?)
}
fn php_serialize<'a, S, I>(pairs: I) -> String
diff --git a/license-generator/src/errors.rs b/license-generator/src/errors.rs
index e21edd4..0799c3e 100644
--- a/license-generator/src/errors.rs
+++ b/license-generator/src/errors.rs
@@ -1,4 +1,3 @@
-use base64;
use log;
use mysql;
use paddle;
@@ -8,7 +7,6 @@ error_chain! {
EnvVar(::std::env::VarError);
Io(::std::io::Error);
- Base64(base64::DecodeError);
Log(log::SetLoggerError);
MySql(mysql::error::Error);
diff --git a/license-generator/src/lib.rs b/license-generator/src/lib.rs
index e2c02b6..bf3ed57 100644
--- a/license-generator/src/lib.rs
+++ b/license-generator/src/lib.rs
@@ -1,5 +1,3 @@
-extern crate base64;
-
#[macro_use]
extern crate error_chain;
extern crate log;
diff --git a/license-generator/src/request.rs b/license-generator/src/request.rs
index 325fdec..190a756 100644
--- a/license-generator/src/request.rs
+++ b/license-generator/src/request.rs
@@ -1,19 +1,11 @@
-use base64;
use paddle;
use errors::*;
use params;
pub fn verified(req_params: &str) -> Result<bool> {
- let mut p = params::parse(&req_params);
- let signature = p.remove("p_signature");
+ let p = params::parse(&req_params);
let pem = include_bytes!("../private/paddle.pubkey.asc");
- match signature {
- Some(signature) => {
- let signature = base64::decode(signature.as_bytes())?;
- Ok(paddle::verify_signature(pem, &signature, p)?)
- },
- None => Ok(false),
- }
+ Ok(paddle::verify_signature(pem, p)?)
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-15 12:31:14 +0000