Move sign, verify to threadpool
parent
8fb810b5bf
commit
b8bc230403
5 changed files with 90 additions and 61 deletions
70
Cargo.lock
generated
70
Cargo.lock
generated
|
@ -411,9 +411,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "async-trait"
|
||||
version = "0.1.26"
|
||||
version = "0.1.27"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "21a03abb7c9b93ae229356151a083d26218c0358866a2a59d4280c856e9482e6"
|
||||
checksum = "991d0a1a3e790c835fd54ab41742a59251338d8c7577fe7d7f0170c7072be708"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
|
@ -801,9 +801,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "derive_more"
|
||||
version = "0.99.3"
|
||||
version = "0.99.5"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "a806e96c59a76a5ba6e18735b6cf833344671e61e7863f2edb5c518ea2cac95c"
|
||||
checksum = "e2323f3f47db9a0e77ce7a300605d8d2098597fc451ed1a97bb1f6411bb550a7"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
|
@ -1077,9 +1077,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "h2"
|
||||
version = "0.2.2"
|
||||
version = "0.2.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9d5c295d1c0c68e4e42003d75f908f5e16a1edd1cbe0b0d02e4dc2006a384f47"
|
||||
checksum = "7938e6aa2a31df4e21f224dc84704bd31c089a6d1355c535b03667371cccc843"
|
||||
dependencies = [
|
||||
"bytes",
|
||||
"fnv",
|
||||
|
@ -1115,9 +1115,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "hermit-abi"
|
||||
version = "0.1.8"
|
||||
version = "0.1.10"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "1010591b26bbfe835e9faeabeb11866061cc7dcebffd56ad7d0942d0e61aefd8"
|
||||
checksum = "725cf19794cf90aa94e65050cb4191ff5d8fa87a498383774c47b332e3af952e"
|
||||
dependencies = [
|
||||
"libc",
|
||||
]
|
||||
|
@ -1159,9 +1159,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "http"
|
||||
version = "0.2.0"
|
||||
version = "0.2.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "b708cc7f06493459026f53b9a61a7a121a5d1ec6238dee58ea4941132b30156b"
|
||||
checksum = "28d569972648b2c512421b5f2a405ad6ac9666547189d0c5477a3f200f3e02f9"
|
||||
dependencies = [
|
||||
"bytes",
|
||||
"fnv",
|
||||
|
@ -1171,8 +1171,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "http-signature-normalization"
|
||||
version = "0.4.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "257835255b5d40c6de712d90e56dc874ca5da2816121e7b9f3cfc7b3a55a5714"
|
||||
source = "git+https://git.asonix.dog/Aardwolf/http-signature-normalization#a38b6aa1edad3cda6970a064d36779aba2f1f2f7"
|
||||
dependencies = [
|
||||
"chrono",
|
||||
"thiserror",
|
||||
|
@ -1181,8 +1180,7 @@ dependencies = [
|
|||
[[package]]
|
||||
name = "http-signature-normalization-actix"
|
||||
version = "0.3.0-alpha.8"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3cb648b09e044851e0afb1056af9bdaf723264ae5967647959ded12bedde4c30"
|
||||
source = "git+https://git.asonix.dog/Aardwolf/http-signature-normalization#a38b6aa1edad3cda6970a064d36779aba2f1f2f7"
|
||||
dependencies = [
|
||||
"actix-http",
|
||||
"actix-web",
|
||||
|
@ -1269,9 +1267,9 @@ checksum = "b8b7a7c0c47db5545ed3fef7468ee7bb5b74691498139e4b3f6a20685dc6dd8e"
|
|||
|
||||
[[package]]
|
||||
name = "js-sys"
|
||||
version = "0.3.36"
|
||||
version = "0.3.37"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "1cb931d43e71f560c81badb0191596562bafad2be06a3f9025b845c847c60df5"
|
||||
checksum = "6a27d435371a2fa5b6d2b028a74bbdb1234f308da363226a2854ca3ff8ba7055"
|
||||
dependencies = [
|
||||
"wasm-bindgen",
|
||||
]
|
||||
|
@ -1993,9 +1991,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "ring"
|
||||
version = "0.16.11"
|
||||
version = "0.16.12"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "741ba1704ae21999c00942f9f5944f801e977f54302af346b596287599ad1862"
|
||||
checksum = "1ba5a8ec64ee89a76c98c549af81ff14813df09c3e6dc4766c3856da48597a0c"
|
||||
dependencies = [
|
||||
"cc",
|
||||
"lazy_static",
|
||||
|
@ -2203,9 +2201,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "serde_json"
|
||||
version = "1.0.48"
|
||||
version = "1.0.50"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "9371ade75d4c2d6cb154141b9752cf3781ec9c05e0e5cf35060e1e70ee7b9c25"
|
||||
checksum = "78a7a12c167809363ec3bd7329fc0a3369056996de43c4b37ef3cd54a6ce4867"
|
||||
dependencies = [
|
||||
"itoa",
|
||||
"ryu",
|
||||
|
@ -2512,18 +2510,18 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "thiserror"
|
||||
version = "1.0.13"
|
||||
version = "1.0.14"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e3711fd1c4e75b3eff12ba5c40dba762b6b65c5476e8174c1a664772060c49bf"
|
||||
checksum = "f0570dc61221295909abdb95c739f2e74325e14293b2026b0a7e195091ec54ae"
|
||||
dependencies = [
|
||||
"thiserror-impl",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "thiserror-impl"
|
||||
version = "1.0.13"
|
||||
version = "1.0.14"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "ae2b85ba4c9aa32dd3343bd80eb8d22e9b54b7688c17ea3907f236885353b233"
|
||||
checksum = "227362df41d566be41a28f64401e07a043157c21c14b9785a0d8e256f940a8fd"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
|
@ -2832,9 +2830,9 @@ checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519"
|
|||
|
||||
[[package]]
|
||||
name = "wasm-bindgen"
|
||||
version = "0.2.59"
|
||||
version = "0.2.60"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "3557c397ab5a8e347d434782bcd31fc1483d927a6826804cec05cc792ee2519d"
|
||||
checksum = "2cc57ce05287f8376e998cbddfb4c8cb43b84a7ec55cf4551d7c00eef317a47f"
|
||||
dependencies = [
|
||||
"cfg-if",
|
||||
"wasm-bindgen-macro",
|
||||
|
@ -2842,9 +2840,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-backend"
|
||||
version = "0.2.59"
|
||||
version = "0.2.60"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e0da9c9a19850d3af6df1cb9574970b566d617ecfaf36eb0b706b6f3ef9bd2f8"
|
||||
checksum = "d967d37bf6c16cca2973ca3af071d0a2523392e4a594548155d89a678f4237cd"
|
||||
dependencies = [
|
||||
"bumpalo",
|
||||
"lazy_static",
|
||||
|
@ -2857,9 +2855,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-macro"
|
||||
version = "0.2.59"
|
||||
version = "0.2.60"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "0f6fde1d36e75a714b5fe0cffbb78978f222ea6baebb726af13c78869fdb4205"
|
||||
checksum = "8bd151b63e1ea881bb742cd20e1d6127cef28399558f3b5d415289bc41eee3a4"
|
||||
dependencies = [
|
||||
"quote",
|
||||
"wasm-bindgen-macro-support",
|
||||
|
@ -2867,9 +2865,9 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-macro-support"
|
||||
version = "0.2.59"
|
||||
version = "0.2.60"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "25bda4168030a6412ea8a047e27238cadf56f0e53516e1e83fec0a8b7c786f6d"
|
||||
checksum = "d68a5b36eef1be7868f668632863292e37739656a80fc4b9acec7b0bd35a4931"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
|
@ -2880,15 +2878,15 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "wasm-bindgen-shared"
|
||||
version = "0.2.59"
|
||||
version = "0.2.60"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "fc9f36ad51f25b0219a3d4d13b90eb44cd075dff8b6280cca015775d7acaddd8"
|
||||
checksum = "daf76fe7d25ac79748a37538b7daeed1c7a6867c92d3245c12c6222e4a20d639"
|
||||
|
||||
[[package]]
|
||||
name = "web-sys"
|
||||
version = "0.3.36"
|
||||
version = "0.3.37"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "721c6263e2c66fd44501cc5efbfa2b7dfa775d13e4ea38c46299646ed1f9c70a"
|
||||
checksum = "2d6f51648d8c56c366144378a33290049eafdd784071077f6fe37dae64c1c4cb"
|
||||
dependencies = [
|
||||
"js-sys",
|
||||
"wasm-bindgen",
|
||||
|
|
|
@ -56,3 +56,6 @@ ructe = { version = "0.9.2", features = ["sass", "mime03"] }
|
|||
|
||||
[profile.dev.package.rsa]
|
||||
opt-level = 3
|
||||
|
||||
[patch.crates-io]
|
||||
http-signature-normalization-actix = { git = "https://git.asonix.dog/Aardwolf/http-signature-normalization" }
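Review bot: The `[patch.crates-io]` entry points at a git repository without a `rev`, `tag` or `branch`, so the code that gets built is decided only by Cargo.lock; a `cargo update`, or a build without `--locked`, picks up whatever the default branch holds at that moment. This crate produces and checks the HTTP signatures, so I would pin it in the manifest: `http-signature-normalization-actix = { git = "https://git.asonix.dog/Aardwolf/http-signature-normalization", rev = "a38b6aa1edad3cda6970a064d36779aba2f1f2f7" }`, using the commit the lockfile in this change already records. The Cargo.lock entries for the git source no longer carry a `checksum` line, so the pinned commit id is the only integrity anchor left. A comment saying when the patch can be dropped in favour of a crates.io release would also help.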
|
||||
|
|
|
@ -28,7 +28,7 @@ pub enum MyError {
|
|||
#[error("Couldn't perform IO, {0}")]
|
||||
Io(#[from] Error),
|
||||
|
||||
#[error("Couldn't sign string")]
|
||||
#[error("Couldn't sign string, {0}")]
|
||||
Rsa(rsa::errors::Error),
|
||||
|
||||
#[error("Couldn't do the json thing")]
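Review bot: The message on `Rsa` still says "Couldn't sign string", but the verification path in this same commit uses `?` on `public_key.verify(...)` inside a closure returning `Result<(), MyError>`, which presumably converts into this variant (the `From` impl is not in the hunk). With `{0}` now appended, a failed inbound signature check would be logged as a signing failure followed by the rsa error text. A neutral wording such as `#[error("RSA operation failed, {0}")]`, or a separate variant for verification, would keep the logs readable during triage. The enum starts and ends outside the hunk.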
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
use crate::{data::ActorCache, error::MyError, requests::Requests};
|
||||
use activitystreams::primitives::XsdAnyUri;
|
||||
use actix_web::web;
|
||||
use http_signature_normalization_actix::{prelude::*, verify::DeprecatedAlgorithm};
|
||||
use log::{error, warn};
|
||||
use rsa::{hash::Hashes, padding::PaddingScheme, PublicKey, RSAPublicKey};
|
||||
|
@ -33,15 +34,20 @@ impl MyVerify {
|
|||
}
|
||||
};
|
||||
|
||||
let decoded = base64::decode(signature)?;
|
||||
let hashed = Sha256::digest(signing_string.as_bytes());
|
||||
web::block(move || {
|
||||
let decoded = base64::decode(signature)?;
|
||||
let hashed = Sha256::digest(signing_string.as_bytes());
|
||||
|
||||
public_key.verify(
|
||||
PaddingScheme::PKCS1v15,
|
||||
Some(&Hashes::SHA2_256),
|
||||
&hashed,
|
||||
&decoded,
|
||||
)?;
|
||||
public_key.verify(
|
||||
PaddingScheme::PKCS1v15,
|
||||
Some(&Hashes::SHA2_256),
|
||||
&hashed,
|
||||
&decoded,
|
||||
)?;
|
||||
|
||||
Ok(()) as Result<(), MyError>
|
||||
})
|
||||
.await?;
|
||||
|
||||
Ok(true)
|
||||
}
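Review bot: The `web::block` call is missing a comment stating that this path fails closed, which is the first property a reader of a signature check looks for. `Ok(true)` is reached only after `.await?`, so a base64 error, an RSA error or a failure of the blocking pool itself all return `Err` instead of a verified result; I would say so above the call, e.g. `// Runs on the blocking pool; any decode, RSA or pool error propagates as Err, so Ok(true) means the signature verified`. The conversion from the pool's error type into `MyError` is not visible in this section, so it is worth confirming how a cancelled job is reported to the caller. `Ok(()) as Result<(), MyError>` would read more conventionally as `Ok::<(), MyError>(())`. The enclosing function starts outside the hunk.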
|
||||
|
|
|
@ -31,14 +31,19 @@ impl Requests {
|
|||
where
|
||||
T: serde::de::DeserializeOwned,
|
||||
{
|
||||
let signer = self.signer();
|
||||
|
||||
let mut res = self
|
||||
.client
|
||||
.get(url)
|
||||
.header("Accept", "application/activity+json")
|
||||
.header("User-Agent", self.user_agent.as_str())
|
||||
.signature(&self.config, &self.key_id, |signing_string| {
|
||||
self.sign(signing_string)
|
||||
})?
|
||||
.signature(
|
||||
self.config.clone(),
|
||||
self.key_id.clone(),
|
||||
move |signing_string| signer.sign(signing_string),
|
||||
)
|
||||
.await?
|
||||
.send()
|
||||
.await
|
||||
.map_err(|e| {
|
||||
|
@ -50,7 +55,7 @@ impl Requests {
|
|||
if let Ok(bytes) = res.body().await {
|
||||
if let Ok(s) = String::from_utf8(bytes.as_ref().to_vec()) {
|
||||
if !s.is_empty() {
|
||||
error!("Response, {}", s);
|
||||
error!("Response from {}, {}", url, s);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -66,14 +71,19 @@ impl Requests {
|
|||
|
||||
pub async fn fetch_bytes(&self, url: &str) -> Result<(String, Bytes), MyError> {
|
||||
info!("Fetching bytes for {}", url);
|
||||
let signer = self.signer();
|
||||
|
||||
let mut res = self
|
||||
.client
|
||||
.get(url)
|
||||
.header("Accept", "application/activity+json")
|
||||
.header("User-Agent", self.user_agent.as_str())
|
||||
.signature(&self.config, &self.key_id, |signing_string| {
|
||||
self.sign(signing_string)
|
||||
})?
|
||||
.signature(
|
||||
self.config.clone(),
|
||||
self.key_id.clone(),
|
||||
move |signing_string| signer.sign(signing_string),
|
||||
)
|
||||
.await?
|
||||
.send()
|
||||
.await
|
||||
.map_err(|e| {
|
||||
|
@ -95,7 +105,7 @@ impl Requests {
|
|||
if let Ok(bytes) = res.body().await {
|
||||
if let Ok(s) = String::from_utf8(bytes.as_ref().to_vec()) {
|
||||
if !s.is_empty() {
|
||||
error!("Response, {}", s);
|
||||
error!("Response from {}, {}", url, s);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -118,8 +128,7 @@ impl Requests {
|
|||
where
|
||||
T: serde::ser::Serialize,
|
||||
{
|
||||
let mut digest = Sha256::new();
|
||||
|
||||
let signer = self.signer();
|
||||
let item_string = serde_json::to_string(item)?;
|
||||
|
||||
let mut res = self
|
||||
|
@ -129,12 +138,13 @@ impl Requests {
|
|||
.header("Content-Type", "application/activity+json")
|
||||
.header("User-Agent", self.user_agent.as_str())
|
||||
.signature_with_digest(
|
||||
&self.config,
|
||||
&self.key_id,
|
||||
&mut digest,
|
||||
self.config.clone(),
|
||||
self.key_id.clone(),
|
||||
Sha256::new(),
|
||||
item_string,
|
||||
|signing_string| self.sign(signing_string),
|
||||
)?
|
||||
move |signing_string| signer.sign(signing_string),
|
||||
)
|
||||
.await?
|
||||
.send()
|
||||
.await
|
||||
.map_err(|e| {
|
||||
|
@ -146,7 +156,7 @@ impl Requests {
|
|||
if let Ok(bytes) = res.body().await {
|
||||
if let Ok(s) = String::from_utf8(bytes.as_ref().to_vec()) {
|
||||
if !s.is_empty() {
|
||||
error!("Response, {}", s);
|
||||
error!("Response from {}, {}", inbox.as_str(), s);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -156,6 +166,18 @@ impl Requests {
|
|||
Ok(())
|
||||
}
|
||||
|
||||
fn signer(&self) -> Signer {
|
||||
Signer {
|
||||
private_key: self.private_key.clone(),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
struct Signer {
|
||||
private_key: RSAPrivateKey,
|
||||
}
|
||||
|
||||
impl Signer {
|
||||
fn sign(&self, signing_string: &str) -> Result<String, MyError> {
|
||||
let hashed = Sha256::digest(signing_string.as_bytes());
|
||||
let bytes =
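Review bot: `signer()` copies the RSA private key with `self.private_key.clone()` on every outgoing request, and each copy is moved into a closure passed to the signing call. That multiplies the number of places the key material lives in memory, and whether those copies are wiped on drop depends on the rsa crate version, which this page does not show. Holding the key once behind a reference count avoids both the extra copies and the per-request allocation: `private_key: Arc<RSAPrivateKey>` in `Signer` and in `Requests`, with `private_key: Arc::clone(&self.private_key)` in `signer()`. The `Requests` field is declared outside these hunks, and `Signer::sign` continues past the last line shown.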
|
||||
|
|