1
0
mirror of https://github.com/imgproxy/imgproxy.git synced 2025-01-08 10:45:04 +02:00
imgproxy/crypt.go

38 lines
721 B
Go
Raw Normal View History

2017-06-20 15:58:55 +02:00
package main
import (
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"errors"
)
2018-10-05 22:29:55 +02:00
var (
2018-10-05 23:01:54 +02:00
errInvalidToken = errors.New("Invalid token")
errInvalidTokenEncoding = errors.New("Invalid token encoding")
2018-10-05 22:29:55 +02:00
)
2017-06-20 15:58:55 +02:00
func validatePath(token, path string) error {
messageMAC, err := base64.RawURLEncoding.DecodeString(token)
if err != nil {
2018-10-05 23:01:54 +02:00
return errInvalidTokenEncoding
2017-06-20 15:58:55 +02:00
}
if !hmac.Equal(messageMAC, signatureFor(path)) {
2018-10-05 22:29:55 +02:00
return errInvalidToken
2017-06-20 15:58:55 +02:00
}
return nil
}
func signatureFor(str string) []byte {
mac := hmac.New(sha256.New, conf.Key)
mac.Write(conf.Salt)
mac.Write([]byte(str))
expectedMAC := mac.Sum(nil)
if conf.SignatureSize < 32 {
return expectedMAC[:conf.SignatureSize]
}
return expectedMAC
}