opensource/localsend
1
0
Fork 0
mirror of https://github.com/localsend/localsend.git synced 2026-06-23 04:10:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: verify signature

Browse Source
This commit is contained in:
Tien Do Nam
2025-02-25 23:10:37 +01:00
parent b2bd3b060c
commit aa85dbd674
2 changed files with 24 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/src/crypto/token.rs
+11 -1
View File
@@ -22,6 +22,8 @@ pub trait VerifyingTokenKey {
fn verify(&self, msg: &[u8], signature: &[u8]) -> anyhow::Result<()>;
fn to_der(&self) -> anyhow::Result<Vec<u8>>;
fn signature_method(&self) -> &'static str;
}
struct Ed25519VerifyingKey {
@@ -42,6 +44,10 @@ impl VerifyingTokenKey for Ed25519VerifyingKey {
fn to_der(&self) -> anyhow::Result<Vec<u8>> {
Ok(self.inner.to_public_key_der()?.into_vec())
}
fn signature_method(&self) -> &'static str {
"ed25519"
}
}
impl VerifyingTokenKey for RsaPssVerifyingKey {
@@ -54,6 +60,10 @@ impl VerifyingTokenKey for RsaPssVerifyingKey {
fn to_der(&self) -> anyhow::Result<Vec<u8>> {
Ok(self.inner.to_public_key_der()?.into_vec())
}
fn signature_method(&self) -> &'static str {
"rsa-pss"
}
}
pub fn generate_key() -> SigningTokenKey {
@@ -178,7 +188,7 @@ pub fn verify_token_with_result(
return Err(anyhow::anyhow!("Invalid hash method"));
}
if sign_method != "ed25519" {
if sign_method != public_key.signature_method() {
return Err(anyhow::anyhow!("Invalid sign method"));
}
core/src/webrtc/webrtc.rs
+13 -12
View File
@@ -332,7 +332,7 @@ pub async fn send_offer(
|data_channel, result| {
let data_channel = Arc::clone(&data_channel);
async move {
process_string_in_chunks(
send_string_in_chunks(
&data_channel,
serde_json::to_string(&match result {
VerifyPinResult::PinRequired => {
@@ -364,7 +364,7 @@ pub async fn send_offer(
// send file list message
let file_list_req = serde_json::to_string(&RTCPinSendingResponse::Ok { files })?;
let result = process_string_in_chunks(
let result = send_string_in_chunks(
Arc::clone(&data_channel),
file_list_req,
|data_channel, chunk| async move {
@@ -711,6 +711,7 @@ pub async fn accept_offer(
wait_buffer_empty(&data_channel).await;
return Err(anyhow::anyhow!("Invalid token signature or nonce"));
}
tracing::debug!("Token signature verified.");
}
{
@@ -753,16 +754,16 @@ pub async fn accept_offer(
)
.await?;
data_channel
.send_text(
serde_json::to_string(&RTCPinReceivingResponse::Ok)
.expect("Failed to serialize"),
)
.await?;
tracing::debug!("PIN challenge done.");
}
data_channel
.send_text(
serde_json::to_string(&RTCPinReceivingResponse::Ok)
.expect("Failed to serialize"),
)
.await?;
tracing::debug!("Waiting for sender PIN status...");
let pin_response = {
@@ -834,7 +835,7 @@ pub async fn accept_offer(
let Some(selected_files) = selected_files else {
// Declined by the user
process_string_in_chunks(
send_string_in_chunks(
Arc::clone(&data_channel),
serde_json::to_string(&RTCFileListResponse::Declined)?,
|data_channel, chunk| async move {
@@ -857,7 +858,7 @@ pub async fn accept_offer(
})
.collect::<HashMap<String, String>>();
process_string_in_chunks(
send_string_in_chunks(
Arc::clone(&data_channel),
serde_json::to_string(&RTCFileListResponse::Ok {
files: file_tokens.clone(),
@@ -1294,7 +1295,7 @@ where
/// Convenience function for `process_in_chunks` that processes a string in chunks.
/// Note: You need to send the delimiter (or any other string) after the last chunk.
pub async fn process_string_in_chunks<T, F, Fut>(
pub async fn send_string_in_chunks<T, F, Fut>(
data_channel: T,
string: String,
callback: F,