func checkAuth12Headers(user actor.Actor, r *http.Request, headToCheck, signedHeaders string) util.Gerror {
sig, err := base64.StdEncoding.DecodeString(signedHeaders)
if err != nil {
gerr := util.CastErr(err)
return gerr
}
sigSha := sha1.Sum([]byte(headToCheck))
err = chefcrypto.Auth12HeaderVerify(user.PublicKey(), sigSha[:], sig)
if err != nil {
return util.CastErr(err)
}
return nil
}
func checkAuthHeaders(user actor.Actor, r *http.Request, headToCheck, signedHeaders string) util.Gerror {
decHead, berr := chefcrypto.HeaderDecrypt(user.PublicKey(), signedHeaders)
if berr != nil {
gerr := util.Errorf(berr.Error())
gerr.SetStatus(http.StatusUnauthorized)
return gerr
}
if string(decHead) != headToCheck {
gerr := util.Errorf("failed to verify authorization")
gerr.SetStatus(http.StatusUnauthorized)
return gerr
}
return nil
}