tangled.org / core
this repo has no description
fork atom

legit: validate public keys

Anirudh Oppiliappan b1a88a75 3da50c91

options
unified split
Changed files
+10
legit
routes
routes.go
+10
legit/routes/routes.go
··· 19 19 "github.com/icyphox/bild/legit/db" 20 20 "github.com/icyphox/bild/legit/git" 21 21 "github.com/russross/blackfriday/v2" 22 + "golang.org/x/crypto/ssh" 22 23 ) 23 24 24 25 type Handle struct { ··· 435 436 } 436 437 437 438 func (h *Handle) Keys(w http.ResponseWriter, r *http.Request) { 439 + 438 440 switch r.Method { 439 441 case http.MethodGet: 440 442 // TODO: fetch keys from db ··· 445 447 case http.MethodPut: 446 448 key := r.FormValue("key") 447 449 name := r.FormValue("name") 450 + 451 + _, _, _, _, err := ssh.ParseAuthorizedKey([]byte(key)) 452 + if err != nil { 453 + h.WriteOOBNotice(w, "keys", "Invalid public key. Check your formatting and try again.") 454 + log.Printf("parsing public key: %s", err) 455 + return 456 + } 457 + 448 458 // TODO: add did here 449 459 if err := h.db.AddPublicKey("did:ashtntnashtx", name, key); err != nil { 450 460 h.WriteOOBNotice(w, "keys", "Failed to add key")