5 files changed, 33 insertions, 9 deletions

diff --git a/license-generator/Cargo.lock b/license-generator/Cargo.lock
index b82881a..0b3c4f6 100644
--- a/license-generator/Cargo.lock
+++ b/license-generator/Cargo.lock
@@ -475,6 +475,7 @@ dependencies = [
 name = "paddle"
 version = "0.0.1"
 dependencies = [
+ "error-chain 0.12.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "openssl 0.10.15 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
diff --git a/license-generator/paddle/Cargo.toml b/license-generator/paddle/Cargo.toml
index 06d8b6b..a304aee 100644
--- a/license-generator/paddle/Cargo.toml
+++ b/license-generator/paddle/Cargo.toml
@@ -3,4 +3,5 @@ name = "paddle"
 version = "0.0.1"
 
 [dependencies]
+error-chain = "0.12.0"
 openssl = "0.10.15"
diff --git a/license-generator/paddle/src/lib.rs b/license-generator/paddle/src/lib.rs
index 11fd87f..bdebf1c 100644
--- a/license-generator/paddle/src/lib.rs
+++ b/license-generator/paddle/src/lib.rs
@@ -1,5 +1,17 @@
+#[macro_use]
+extern crate error_chain;
 extern crate openssl;
 
+pub mod errors {
+    use openssl;
+
+    error_chain! {
+        foreign_links {
+            Openssl(openssl::error::ErrorStack);
+        }
+    }
+}
+
 use std::fmt::Display;
 use std::ops::Deref;
 
@@ -8,21 +20,27 @@ use openssl::pkey::PKey;
 use openssl::rsa::Rsa;
 use openssl::sign::Verifier;
 
+use errors::*;
+
 
 // https://paddle.com/docs/reference-verifying-webhooks/
-pub fn verify_signature<'a, S, I>(pem: &[u8], signature: &str, params: I) -> bool
+pub fn verify_signature<'a, S, I>(
+    pem: &[u8],
+    signature: &str,
+    params: I,
+) -> Result<bool>
 where
     S: AsRef<str> + Deref<Target = str> + Display,
     I: IntoIterator<Item = (S, S)> + PartialOrd,
 {
-    let rsa = Rsa::public_key_from_pem(pem).unwrap();
-    let pkey = PKey::from_rsa(rsa).unwrap();
-    let mut verifier = Verifier::new(MessageDigest::sha1(), &pkey).unwrap();
-    verifier.update(signature.as_bytes()).unwrap();
+    let rsa = Rsa::public_key_from_pem(pem)?;
+    let pkey = PKey::from_rsa(rsa)?;
+    let mut verifier = Verifier::new(MessageDigest::sha1(), &pkey)?;
+    verifier.update(signature.as_bytes())?;
 
     let signature = php_serialize(params);
 
-    verifier.verify(signature.as_ref()).unwrap()
+    Ok(verifier.verify(signature.as_ref())?)
 }
 
 fn php_serialize<'a, S, I>(pairs: I) -> String
diff --git a/license-generator/src/errors.rs b/license-generator/src/errors.rs
index 0a28341..0799c3e 100644
--- a/license-generator/src/errors.rs
+++ b/license-generator/src/errors.rs
@@ -1,5 +1,6 @@
 use log;
 use mysql;
+use paddle;
 
 error_chain! {
     foreign_links {
@@ -8,5 +9,7 @@ error_chain! {
 
         Log(log::SetLoggerError);
         MySql(mysql::error::Error);
+
+        Paddle(paddle::errors::Error);
     }
 }
diff --git a/license-generator/src/request.rs b/license-generator/src/request.rs
index 103656c..94e5b8d 100644
--- a/license-generator/src/request.rs
+++ b/license-generator/src/request.rs
@@ -1,14 +1,15 @@
 use paddle;
 
+use errors::*;
 use params;
 
-pub fn verified(req_params: &str) -> bool {
+pub fn verified(req_params: &str) -> Result<bool> {
     let mut p = params::parse(&req_params);
     let signature = p.remove("p_signature");
     let pem = include_bytes!("../private/paddle.pubkey.asc");
 
     match signature {
-        Some(signature) => paddle::verify_signature(pem, &signature, p),
-        None => false,
+        Some(signature) => Ok(paddle::verify_signature(pem, &signature, p)?),
+        None => Ok(false),
     }
 }