FediMovies/fedimovies
1
1
Fork 0
Code Issues 3 Pull requests Projects Releases Packages Activity

Allow non-standard wrap width when parsing public keys in PEM format

Browse source
This commit is contained in:
silverpill 2022-02-13 13:10:09 +00:00
parent e48a8999f5
commit 226fc49b86
4 changed files with 28 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
Cargo.lock generated
View file

@ -1706,6 +1706,7 @@ dependencies = [
"mime-sniffer", "mime-sniffer",
"mime_guess", "mime_guess",
"num_cpus", "num_cpus",
"pem",
"postgres-protocol", "postgres-protocol",
"postgres-types", "postgres-types",
"postgres_query", "postgres_query",
@ -1934,6 +1935,15 @@ dependencies = [
"winapi 0.3.9", "winapi 0.3.9",
] ]
[[package]]
name = "pem"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e9a3b09a20e374558580a4914d3b7d89bd61b954a5a5e1dcbea98753addb1947"
dependencies = [
"base64 0.13.0",
]
[[package]] [[package]]
name = "pem-rfc7468" name = "pem-rfc7468"
version = "0.2.0" version = "0.2.0"

1
Cargo.toml
View file

@ -51,6 +51,7 @@ refinery = { version = "0.4.0", features = ["tokio-postgres"] }
reqwest = { version = "0.10.10", features = ["json"] } reqwest = { version = "0.10.10", features = ["json"] }
# Used for working with RSA keys # Used for working with RSA keys
rsa = "0.5.0" rsa = "0.5.0"
pem = "1.0.2"
# Used for hashing passwords # Used for hashing passwords
rust-argon2 = "0.8.3" rust-argon2 = "0.8.3"
# Used for working with ethereum keys # Used for working with ethereum keys

4
src/http_signatures/verify.rs
View file

@ -32,8 +32,8 @@ pub enum VerificationError {
#[error("{0}")] #[error("{0}")]
ActorError(String), ActorError(String),
#[error("invalid key")] #[error("invalid public key")]
InvalidKey(#[from] rsa::pkcs8::Error), InvalidPublicKey(#[from] rsa::pkcs8::Error),
#[error("invalid encoding")] #[error("invalid encoding")]
InvalidEncoding(#[from] base64::DecodeError), InvalidEncoding(#[from] base64::DecodeError),

16
src/utils/crypto.rs
View file

@ -1,3 +1,4 @@
use pem;
use rand; use rand;
use rand::prelude::*; use rand::prelude::*;
use rsa::{Hash, PaddingScheme, PublicKey, RsaPrivateKey, RsaPublicKey}; use rsa::{Hash, PaddingScheme, PublicKey, RsaPrivateKey, RsaPublicKey};
@ -47,7 +48,12 @@ pub fn get_public_key_pem(
pub fn deserialize_public_key( pub fn deserialize_public_key(
public_key_pem: &str, public_key_pem: &str,
) -> Result<RsaPublicKey, rsa::pkcs8::Error> { ) -> Result<RsaPublicKey, rsa::pkcs8::Error> {
RsaPublicKey::from_public_key_pem(public_key_pem.trim()) // rsa package can't decode PEM string with non-standard wrap width,
// so the input should be normalized first
let parsed_pem = pem::parse(public_key_pem.trim().as_bytes())
.map_err(|_| rsa::pkcs8::Error::Pem)?;
let normalized_pem = pem::encode(&parsed_pem);
RsaPublicKey::from_public_key_pem(&normalized_pem)
} }
pub fn sign_message( pub fn sign_message(
@ -88,6 +94,14 @@ mod tests {
use rand::rngs::OsRng; use rand::rngs::OsRng;
use super::*; use super::*;
#[test]
fn test_deserialize_public_key_nowrap() {
let public_key_pem = "-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8ehqQ7n6+pw19U8q2UtxE/9017STW3yRnnqV5nVk8LJ00ba+berqwekxDW+nw77GAu3TJ+hYeeSerUNPup7y3yO3V
YsFtrgWDQ/s8k86sNBU+Ce2GOL7seh46kyAWgJeohh4Rcrr23rftHbvxOcRM8VzYuCeb1DgVhPGtA0xULwIDAQAB\n-----END PUBLIC KEY-----";
let result = deserialize_public_key(&public_key_pem);
assert_eq!(result.is_ok(), true);
}
#[test] #[test]
fn test_public_key_serialization_deserialization() { fn test_public_key_serialization_deserialization() {
let private_key = RsaPrivateKey::new(&mut OsRng, 512).unwrap(); let private_key = RsaPrivateKey::new(&mut OsRng, 512).unwrap();