blah

author: Julio Capote <jcapote@gmail.com> 2023-01-04 15:32:56 +0000
committer: Julio Capote <jcapote@gmail.com> 2023-01-04 15:32:56 +0000
commit: c1b3507df7114fba929c3f903e55c9787eb2d623 (patch)
tree: d3982d9a1f64aa4cdc56033952743d3c7f7028f0 /registry
parent: 2c13b7e5be813ce375645c5e07740b4a3afd05b1 (diff)
download: communique-c1b3507df7114fba929c3f903e55c9787eb2d623.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/registry/registry.go b/registry/registry.go
index 7b47d73..58bf439 100644
--- a/registry/registry.go
+++ b/registry/registry.go
@@ -207,16 +207,20 @@ func (r *Registry) Inbox(name string, req *http.Request) error {
 	pubKey := iter.Get()
 	pemProp := pubKey.GetW3IDSecurityV1PublicKeyPem()
 	pemStr := pemProp.Get()
-	pemStr = strings.ReplaceAll(pemStr, "\n", "")
 	logger.With("keyId", keyId).With("pem", pemStr).Debugf("extracted pem")
 	pemObj, _ := pem.Decode([]byte(pemStr))
 	if pemObj == nil {
 		return fmt.Errorf("no PEM block found")
 	}
+	if pemObj.Type != "PUBLIC KEY" {
+		return fmt.Errorf("no public key found in PEM block")
+	}
+
 	decodedKey, err := x509.ParsePKCS1PublicKey(pemObj.Bytes)
 	if err != nil {
 		return err
 	}
+	logger.With("keyId", keyId).With("pem", pemStr).Debugf("got %T", decodedKey)
 	algo := httpsig.RSA_SHA256
 	return verifier.Verify(decodedKey, algo)
 }
author	Julio Capote <jcapote@gmail.com>	2023-01-04 15:32:56 +0000
committer	Julio Capote <jcapote@gmail.com>	2023-01-04 15:32:56 +0000
commit	c1b3507df7114fba929c3f903e55c9787eb2d623 (patch)
tree	d3982d9a1f64aa4cdc56033952743d3c7f7028f0 /registry
parent	2c13b7e5be813ce375645c5e07740b4a3afd05b1 (diff)
download	communique-c1b3507df7114fba929c3f903e55c9787eb2d623.tar.gz