diff options
Diffstat (limited to 'registry')
-rw-r--r-- | registry/registry.go | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/registry/registry.go b/registry/registry.go index 7b47d73..58bf439 100644 --- a/registry/registry.go +++ b/registry/registry.go @@ -207,16 +207,20 @@ func (r *Registry) Inbox(name string, req *http.Request) error { pubKey := iter.Get() pemProp := pubKey.GetW3IDSecurityV1PublicKeyPem() pemStr := pemProp.Get() - pemStr = strings.ReplaceAll(pemStr, "\n", "") logger.With("keyId", keyId).With("pem", pemStr).Debugf("extracted pem") pemObj, _ := pem.Decode([]byte(pemStr)) if pemObj == nil { return fmt.Errorf("no PEM block found") } + if pemObj.Type != "PUBLIC KEY" { + return fmt.Errorf("no public key found in PEM block") + } + decodedKey, err := x509.ParsePKCS1PublicKey(pemObj.Bytes) if err != nil { return err } + logger.With("keyId", keyId).With("pem", pemStr).Debugf("got %T", decodedKey) algo := httpsig.RSA_SHA256 return verifier.Verify(decodedKey, algo) } |