diff options
Diffstat (limited to 'hosted-api')
-rw-r--r-- | hosted-api/src/main/java/ai/vespa/hosted/api/RequestVerifier.java | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/hosted-api/src/main/java/ai/vespa/hosted/api/RequestVerifier.java b/hosted-api/src/main/java/ai/vespa/hosted/api/RequestVerifier.java index 7cfbee44730..8f1ffe9d4bb 100644 --- a/hosted-api/src/main/java/ai/vespa/hosted/api/RequestVerifier.java +++ b/hosted-api/src/main/java/ai/vespa/hosted/api/RequestVerifier.java @@ -3,6 +3,7 @@ package ai.vespa.hosted.api; import com.yahoo.security.KeyUtils; import com.yahoo.security.SignatureUtils; +import com.yahoo.yolean.Exceptions; import java.net.URI; import java.security.PublicKey; @@ -12,8 +13,11 @@ import java.time.Clock; import java.time.Duration; import java.time.Instant; import java.util.Base64; +import java.util.logging.Level; +import java.util.logging.Logger; import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_ECDSA; +import static java.util.logging.Level.INFO; /** * Verifies that signed HTTP requests match the indicated public key. @@ -22,6 +26,8 @@ import static com.yahoo.security.SignatureAlgorithm.SHA256_WITH_ECDSA; */ public class RequestVerifier { + private static final Logger log = Logger.getLogger(RequestVerifier.class.getName()); + private final Signature verifier; private final Clock clock; @@ -45,14 +51,21 @@ public class RequestVerifier { public boolean verify(Method method, URI requestUri, String timestamp, String contentHash, String signature) { try { Instant now = clock.instant(), then = Instant.parse(timestamp); - if (Duration.between(now, then).abs().compareTo(Duration.ofMinutes(5)) > 0) + if (Duration.between(now, then).abs().compareTo(Duration.ofMinutes(5)) > 0) { + log.log(INFO, () -> "Rejecting request due to timestamp mismatch of " + Duration.between(now, then)); return false; // Timestamp mismatch between sender and receiver of more than 5 minutes is not acceptable. + } byte[] canonicalMessage = Signatures.canonicalMessageOf(method.name(), requestUri, timestamp, contentHash); verifier.update(canonicalMessage); - return verifier.verify(Base64.getDecoder().decode(signature)); + if (verifier.verify(Base64.getDecoder().decode(signature))) + return true; + + log.log(INFO, () -> "Rejecting request because of signature mismatch"); + return false; } catch (RuntimeException | SignatureException e) { + log.log(INFO, () -> "Exception verifying request: " + Exceptions.toMessageString(e)); return false; } } |