From 489a5ff0232f67191740ebd9434a086af151e96d Mon Sep 17 00:00:00 2001
From: asonix
Date: Tue, 17 Mar 2020 15:52:26 -0500
Subject: [PATCH] Require publicKey, check actor's public key for agreement
---
 src/apub.rs | 3 +--
 src/error.rs | 3 ---
 src/inbox.rs | 16 ++++++++--------
 src/verifier.rs | 4 +---
 4 files changed, 10 insertions(+), 16 deletions(-)
diff --git a/src/apub.rs b/src/apub.rs
index 786006c..df8e411 100644
--- a/src/apub.rs
+++ b/src/apub.rs
@@ -82,8 +82,7 @@ pub struct AcceptedActors {
 pub endpoints: Endpoints,
- #[serde(skip_serializing_if = "Option::is_none")]
- pub public_key: Option,
+ pub public_key: PublicKey,
 }
 #[derive(Clone, Debug, serde::Deserialize, serde::Serialize)]
diff --git a/src/error.rs b/src/error.rs
index 6f63b02..80adda6 100644
--- a/src/error.rs
+++ b/src/error.rs
@@ -59,9 +59,6 @@ pub enum MyError {
 #[error("URI is missing domain field")]
 Domain,
-
- #[error("Public key is missing")]
- MissingKey,
 }
 impl ResponseError for MyError {
diff --git a/src/inbox.rs b/src/inbox.rs
index 2018eba..5fcc7dc 100644
--- a/src/inbox.rs
+++ b/src/inbox.rs
@@ -27,7 +27,14 @@ pub async fn inbox(
 ) -> Result {
 let input = input.into_inner();
- if input.actor.as_str() != verified.key_id() {
+ let actor = fetch_actor(
+ state.clone().into_inner(),
+ client.clone().into_inner(),
+ &input.actor,
+ )
+ .await?;
+
+ if actor.public_key.id.as_str() != verified.key_id() {
 error!(
 "Request payload and requestor disagree on actor, {} != {}",
 input.actor,
@@ -36,13 +43,6 @@ pub async fn inbox(
 return Err(MyError::BadActor);
 }
- let actor = fetch_actor(
- state.clone().into_inner(),
- client.clone().into_inner(),
- &input.actor,
- )
- .await?;
-
 match input.kind {
 ValidTypes::Announce | ValidTypes::Create => {
 handle_relay(state, client, input, actor).await
diff --git a/src/verifier.rs b/src/verifier.rs
index 89f8808..535e321 100644
--- a/src/verifier.rs
+++ b/src/verifier.rs
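Review bot: The now-mandatory `public_key` field in the src/apub.rs hunk (`@@ -82,8 +82,7 @@`) has no doc comment stating the invariant it enforces. With the `Option` gone, an actor document without a key fails inside serde when it is deserialized, instead of at the point of use with `MyError::MissingKey`. I would record that on the field, e.g. `/// Required: an actor document without a publicKey is rejected at deserialization.` If serialized actors are cached or persisted anywhere (not visible in this patch), entries written without a key will also stop loading, which is worth confirming before deploy. The struct definition starts outside the hunk.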
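Review bot: The `error!` call kept as context in the first src/inbox.rs hunk (`@@ -27,7 +27,14 @@`) still formats `input.actor` as the left-hand value, although the comparison is now between `actor.public_key.id` and `verified.key_id()`. A rejected request is therefore logged with a value that was never compared, which makes the BadActor line misleading when triaging signature mismatches. I would change that argument to `actor.public_key.id,` and, if wanted, keep `input.actor` as an extra field. The remaining arguments of `error!` fall outside the hunk, so this assumes the second one is still the verified key id. Also note that `fetch_actor` now runs before the agreement check, so a request that will be rejected first triggers an outbound fetch of the payload-supplied actor URL; it is worth confirming that `fetch_actor` caches or bounds those lookups.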
@@ -50,10 +50,8 @@ async fn verify( debug!("Fetching actor"); let actor = fetch_actor(state, client, &key_id.parse()?).await?; - let public_key = actor.public_key.ok_or(MyError::MissingKey)?; - debug!("Parsing public key"); - let public_key = RSAPublicKey::from_pem_pkcs8(&public_key.public_key_pem)?; + let public_key = RSAPublicKey::from_pem_pkcs8(&actor.public_key.public_key_pem)?; match algorithm { Some(Algorithm::Hs2019) => (),
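Review bot: Nothing visible in this src/verifier.rs hunk checks that `actor.public_key.id` matches the `key_id` from the signature header before the PEM from the document fetched for `key_id` is parsed and used. Now that the field is mandatory, the agreement can be asserted here as well as in `inbox`, e.g. `if actor.public_key.id.as_str() != key_id { return Err(MyError::BadActor); }` placed before `RSAPublicKey::from_pem_pkcs8`. That keeps the verifier from accepting a signature made with a key whose declared id differs from the one the request named. The type of `key_id` is inferred from the `key_id.parse()?` call, and the body of `verify` continues outside the hunk, so the exact comparison may need adjusting.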