From a8933a2e66bfa782d15783c3bca90c18084d93af Mon Sep 17 00:00:00 2001
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Tue, 4 May 2021 01:59:08 +0100
Subject: [PATCH] AssetUrlKey: check

Signed-off-by: Ian Jackson <ijackson@chiark.greenend.org.uk>
---
 Cargo.lock     |  1 +
 Cargo.toml     |  1 +
 src/bundles.rs | 12 ++++++++++++
 src/prelude.rs |  3 ++-
 4 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/Cargo.lock b/Cargo.lock
index dda0ee9e..aa70b052 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2233,6 +2233,7 @@ dependencies = [
  "slotmap-fork-otter",
  "structopt",
  "strum",
+ "subtle",
  "tempfile",
  "tera",
  "toml 0.5.8",
diff --git a/Cargo.toml b/Cargo.toml
index dc43c514..4235854f 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -68,6 +68,7 @@ rmp-serde="0.15"
 serde_with="1"
 structopt="0.3"
 sha2="0.9"
+subtle="2.4"
 tempfile="3"
 tera="0.11"
 toml="0.5"
diff --git a/src/bundles.rs b/src/bundles.rs
index 4bf8358b..844eb17f 100644
--- a/src/bundles.rs
+++ b/src/bundles.rs
@@ -93,6 +93,18 @@ impl AssetUrlKey {
     rmp_serde::encode::write(&mut dw, &v).expect("serialize failed!");
     AssetUrlToken(dw.finish().0)
   }
+
+  #[throws(BadAssetUrlToken)]
+  pub fn check<V>(&self, what: &str, v: &V, got: &AssetUrlToken)
+                  -> Authorisation<V>
+  where V: Serialize {
+    let exp = self.token(what, v);
+    if ! bool::from(ConstantTimeEq::ct_eq(
+      &exp.0[..],
+      &got.0[..],
+    )) { throw!(BadAssetUrlToken) }
+    else { Authorisation::authorised(v) }
+  }
 }
 impl Display for AssetUrlToken {
   #[throws(fmt::Error)]
diff --git a/src/prelude.rs b/src/prelude.rs
index 315830f0..cc9dbe03 100644
--- a/src/prelude.rs
+++ b/src/prelude.rs
@@ -95,6 +95,7 @@ pub use sha2::{Sha512, Sha512Trunc256};
 pub use slotmap::{dense::DenseSlotMap, SparseSecondaryMap, Key as _};
 pub use strum::{EnumString, EnumIter, EnumProperty};
 pub use strum::{IntoEnumIterator, IntoStaticStr};
+pub use subtle::ConstantTimeEq;
 pub use tempfile::NamedTempFile;
 pub use thiserror::Error;
 pub use url::Url;
@@ -123,7 +124,7 @@ pub use crate::accounts::*;
 pub use crate::authproofs::{self, Authorisation, Unauthorised};
 pub use crate::authproofs::AuthorisationSuperuser;
 pub use crate::bundles::{self, InstanceBundles, MgmtBundleListExt};
-pub use crate::bundles::{AssetUrlKey, AssetUrlToken};
+pub use crate::bundles::{AssetUrlKey, AssetUrlToken, BadAssetUrlToken};
 pub use crate::commands::{AccessTokenInfo, AccessTokenReport, MgmtError};
 pub use crate::commands::{MgmtCommand, MgmtResponse};
 pub use crate::commands::{MgmtGameInstruction, MgmtGameResponse};
-- 
2.30.2