shimun/ssh-cert-dist
1
0
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects Releases Wiki Activity

added: run signature verification in worker

Browse Source
This commit is contained in:
shimun 2022-12-07 18:24:30 +01:00
parent cf06ebebf4
commit 7b0a17dd54
Signed by: shimun
GPG Key ID: E0420647856EA39E
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/api.rs
View File

@ -267,8 +267,17 @@ async fn put_cert_update(
}): State<ApiState>, }): State<ApiState>,
CertificateBody(cert): CertificateBody, CertificateBody(cert): CertificateBody,
) -> ApiResult<String> { ) -> ApiResult<String> {
let cert = {
let ca = ca.clone();
tokio::task::spawn_blocking(move || -> ApiResult<Certificate> {
let cert = cert;
cert.validate(&[ca.fingerprint(Default::default())]) cert.validate(&[ca.fingerprint(Default::default())])
.map_err(|_| ApiError::CertificateInvalid)?; .map_err(|_| ApiError::CertificateInvalid)?;
Ok(cert)
})
.await
.context("signature verification")??
};
let prev = load_cert_by_id(&cert_dir, &ca, cert.key_id()).await?; let prev = load_cert_by_id(&cert_dir, &ca, cert.key_id()).await?;
let mut prev_serial = 0; let mut prev_serial = 0;
let serial = cert.serial(); let serial = cert.serial();