authorMaxence Lange <maxence@artificial-owl.com>2021-03-18 18:10:48 -0100
committerbackportbot[bot] <backportbot[bot]@users.noreply.github.com>2021-03-19 11:35:02 +0000
commit90ac2a6b2687d4949635cd2001db8bf292f38100 (patch)
tree9c453180401b24bf5d77511e8886896977bf7e36
parentfe878f61fea98b429b3373a4778a96a1f27516f2 (diff)
check content-length and digest
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
-rw-r--r--lib/Service/SignatureService.php11
1 files changed, 8 insertions, 3 deletions
diff --git a/lib/Service/SignatureService.php b/lib/Service/SignatureService.php
index f76ab2ad..71855e1a 100644
--- a/lib/Service/SignatureService.php
+++ b/lib/Service/SignatureService.php
@@ -256,6 +256,14 @@ class SignatureService {
throw new SignatureException('object is too old');
}
+ if (strlen($data) !== (int)$request->getHeader('content-length')) {
+ throw new SignatureException('issue with content-length');
+ }
+
+ if ($this->generateDigest($data) !== $request->getHeader('digest')) {
+ throw new SignatureException('issue with digest');
+ }
+
try {
return $this->checkRequestSignature($request, $data);
} catch (RequestContentException $e) {
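Review bot: The new check `$this->generateDigest($data) !== $request->getHeader('digest')` only shows that the body matches the `Digest` header, so it protects integrity only when `digest` is among the headers the signature actually covers. Nothing visible in either hunk enforces that; if `checkRequestSignature()` accepts a signature whose signed-header list omits `digest`, the body and the header can be changed together and the signature still verifies. I would reject such requests before verification and record the dependency next to the check, e.g. `// only meaningful if 'digest' is in the signature's signed headers; enforced in checkRequestSignature()`. The comparison is also an exact string match, so a peer that sends a differently cased algorithm token or several digest values would presumably be rejected; confirm that is intended. The enclosing method starts and ends outside the hunk.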
@@ -379,9 +387,6 @@ class SignatureService {
$signed = base64_decode($sign['signature']);
$estimated = $this->generateEstimatedSignature($headers, $request);
- // TODO: check digest
- // $this->generateDigest($data);
-
try {
$publicKey = $this->retrieveKey($keyId);
$this->checkRequestSignatureUsingPublicKey($publicKey, $sign, $estimated, $signed);