Move sign, verify to threadpool

asonix 2020-03-30 01:06:13 -05:00
parent 8fb810b5bf
commit b8bc230403
5 changed files with 90 additions and 61 deletions

70
Cargo.lock generated

@ -411,9 +411,9 @@ dependencies = [
[[package]]
name = "async-trait"
version = "0.1.26"
version = "0.1.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "21a03abb7c9b93ae229356151a083d26218c0358866a2a59d4280c856e9482e6"
checksum = "991d0a1a3e790c835fd54ab41742a59251338d8c7577fe7d7f0170c7072be708"
dependencies = [
"proc-macro2",
"quote",
@ -801,9 +801,9 @@ dependencies = [
[[package]]
name = "derive_more"
version = "0.99.3"
version = "0.99.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a806e96c59a76a5ba6e18735b6cf833344671e61e7863f2edb5c518ea2cac95c"
checksum = "e2323f3f47db9a0e77ce7a300605d8d2098597fc451ed1a97bb1f6411bb550a7"
dependencies = [
"proc-macro2",
"quote",
@ -1077,9 +1077,9 @@ dependencies = [
[[package]]
name = "h2"
version = "0.2.2"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9d5c295d1c0c68e4e42003d75f908f5e16a1edd1cbe0b0d02e4dc2006a384f47"
checksum = "7938e6aa2a31df4e21f224dc84704bd31c089a6d1355c535b03667371cccc843"
dependencies = [
"bytes",
"fnv",
@ -1115,9 +1115,9 @@ dependencies = [
[[package]]
name = "hermit-abi"
version = "0.1.8"
version = "0.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1010591b26bbfe835e9faeabeb11866061cc7dcebffd56ad7d0942d0e61aefd8"
checksum = "725cf19794cf90aa94e65050cb4191ff5d8fa87a498383774c47b332e3af952e"
dependencies = [
"libc",
]
@ -1159,9 +1159,9 @@ dependencies = [
[[package]]
name = "http"
version = "0.2.0"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b708cc7f06493459026f53b9a61a7a121a5d1ec6238dee58ea4941132b30156b"
checksum = "28d569972648b2c512421b5f2a405ad6ac9666547189d0c5477a3f200f3e02f9"
dependencies = [
"bytes",
"fnv",
@ -1171,8 +1171,7 @@ dependencies = [
[[package]]
name = "http-signature-normalization"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "257835255b5d40c6de712d90e56dc874ca5da2816121e7b9f3cfc7b3a55a5714"
source = "git+https://git.asonix.dog/Aardwolf/http-signature-normalization#a38b6aa1edad3cda6970a064d36779aba2f1f2f7"
dependencies = [
"chrono",
"thiserror",
@ -1181,8 +1180,7 @@ dependencies = [
[[package]]
name = "http-signature-normalization-actix"
version = "0.3.0-alpha.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3cb648b09e044851e0afb1056af9bdaf723264ae5967647959ded12bedde4c30"
source = "git+https://git.asonix.dog/Aardwolf/http-signature-normalization#a38b6aa1edad3cda6970a064d36779aba2f1f2f7"
dependencies = [
"actix-http",
"actix-web",
@ -1269,9 +1267,9 @@ checksum = "b8b7a7c0c47db5545ed3fef7468ee7bb5b74691498139e4b3f6a20685dc6dd8e"
[[package]]
name = "js-sys"
version = "0.3.36"
version = "0.3.37"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1cb931d43e71f560c81badb0191596562bafad2be06a3f9025b845c847c60df5"
checksum = "6a27d435371a2fa5b6d2b028a74bbdb1234f308da363226a2854ca3ff8ba7055"
dependencies = [
"wasm-bindgen",
]
@ -1993,9 +1991,9 @@ dependencies = [
[[package]]
name = "ring"
version = "0.16.11"
version = "0.16.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "741ba1704ae21999c00942f9f5944f801e977f54302af346b596287599ad1862"
checksum = "1ba5a8ec64ee89a76c98c549af81ff14813df09c3e6dc4766c3856da48597a0c"
dependencies = [
"cc",
"lazy_static",
@ -2203,9 +2201,9 @@ dependencies = [
[[package]]
name = "serde_json"
version = "1.0.48"
version = "1.0.50"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9371ade75d4c2d6cb154141b9752cf3781ec9c05e0e5cf35060e1e70ee7b9c25"
checksum = "78a7a12c167809363ec3bd7329fc0a3369056996de43c4b37ef3cd54a6ce4867"
dependencies = [
"itoa",
"ryu",
@ -2512,18 +2510,18 @@ dependencies = [
[[package]]
name = "thiserror"
version = "1.0.13"
version = "1.0.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e3711fd1c4e75b3eff12ba5c40dba762b6b65c5476e8174c1a664772060c49bf"
checksum = "f0570dc61221295909abdb95c739f2e74325e14293b2026b0a7e195091ec54ae"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.13"
version = "1.0.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ae2b85ba4c9aa32dd3343bd80eb8d22e9b54b7688c17ea3907f236885353b233"
checksum = "227362df41d566be41a28f64401e07a043157c21c14b9785a0d8e256f940a8fd"
dependencies = [
"proc-macro2",
"quote",
@ -2832,9 +2830,9 @@ checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519"
[[package]]
name = "wasm-bindgen"
version = "0.2.59"
version = "0.2.60"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3557c397ab5a8e347d434782bcd31fc1483d927a6826804cec05cc792ee2519d"
checksum = "2cc57ce05287f8376e998cbddfb4c8cb43b84a7ec55cf4551d7c00eef317a47f"
dependencies = [
"cfg-if",
"wasm-bindgen-macro",
@ -2842,9 +2840,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-backend"
version = "0.2.59"
version = "0.2.60"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e0da9c9a19850d3af6df1cb9574970b566d617ecfaf36eb0b706b6f3ef9bd2f8"
checksum = "d967d37bf6c16cca2973ca3af071d0a2523392e4a594548155d89a678f4237cd"
dependencies = [
"bumpalo",
"lazy_static",
@ -2857,9 +2855,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro"
version = "0.2.59"
version = "0.2.60"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0f6fde1d36e75a714b5fe0cffbb78978f222ea6baebb726af13c78869fdb4205"
checksum = "8bd151b63e1ea881bb742cd20e1d6127cef28399558f3b5d415289bc41eee3a4"
dependencies = [
"quote",
"wasm-bindgen-macro-support",
@ -2867,9 +2865,9 @@ dependencies = [
[[package]]
name = "wasm-bindgen-macro-support"
version = "0.2.59"
version = "0.2.60"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "25bda4168030a6412ea8a047e27238cadf56f0e53516e1e83fec0a8b7c786f6d"
checksum = "d68a5b36eef1be7868f668632863292e37739656a80fc4b9acec7b0bd35a4931"
dependencies = [
"proc-macro2",
"quote",
@ -2880,15 +2878,15 @@ dependencies = [
[[package]]
name = "wasm-bindgen-shared"
version = "0.2.59"
version = "0.2.60"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fc9f36ad51f25b0219a3d4d13b90eb44cd075dff8b6280cca015775d7acaddd8"
checksum = "daf76fe7d25ac79748a37538b7daeed1c7a6867c92d3245c12c6222e4a20d639"
[[package]]
name = "web-sys"
version = "0.3.36"
version = "0.3.37"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "721c6263e2c66fd44501cc5efbfa2b7dfa775d13e4ea38c46299646ed1f9c70a"
checksum = "2d6f51648d8c56c366144378a33290049eafdd784071077f6fe37dae64c1c4cb"
dependencies = [
"js-sys",
"wasm-bindgen",


@ -56,3 +56,6 @@ ructe = { version = "0.9.2", features = ["sass", "mime03"] }
[profile.dev.package.rsa]
opt-level = 3
[patch.crates-io]
http-signature-normalization-actix = { git = "https://git.asonix.dog/Aardwolf/http-signature-normalization" }
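Review bot: The `[patch.crates-io]` entry takes `http-signature-normalization-actix` from a git URL with no `rev`, `tag` or `branch`, so the manifest follows whatever the repository's default branch holds. Only Cargo.lock fixes the commit, and the lockfile entries for both patched crates no longer carry a registry `checksum`, so a `cargo update` or a build without the lockfile silently moves the code that builds and checks HTTP signatures. Pin the commit the lockfile already records in the manifest: `http-signature-normalization-actix = { git = "https://git.asonix.dog/Aardwolf/http-signature-normalization", rev = "a38b6aa1edad3cda6970a064d36779aba2f1f2f7" }`. A one-line comment above the table saying why the patch is needed and when it can go back to the crates.io release would also help the next maintainer.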


@ -28,7 +28,7 @@ pub enum MyError {
#[error("Couldn't perform IO, {0}")]
Io(#[from] Error),
#[error("Couldn't sign string")]
#[error("Couldn't sign string, {0}")]
Rsa(rsa::errors::Error),
#[error("Couldn't do the json thing")]
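Review bot: The updated message on `Rsa` still reads "Couldn't sign string", yet this commit also uses `?` on `public_key.verify(...)` inside a closure that returns `Result<(), MyError>`. If that `rsa::errors::Error` converts into this variant (the conversion is not visible here), a rejected incoming signature is logged as a signing failure, which misleads anyone triaging verification errors. A neutral wording such as `#[error("RSA operation failed, {0}")]` stays accurate for both paths. The enum continues outside the hunk.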


@ -1,5 +1,6 @@
use crate::{data::ActorCache, error::MyError, requests::Requests};
use activitystreams::primitives::XsdAnyUri;
use actix_web::web;
use http_signature_normalization_actix::{prelude::*, verify::DeprecatedAlgorithm};
use log::{error, warn};
use rsa::{hash::Hashes, padding::PaddingScheme, PublicKey, RSAPublicKey};
@ -33,15 +34,20 @@ impl MyVerify {
}
};
let decoded = base64::decode(signature)?;
let hashed = Sha256::digest(signing_string.as_bytes());
web::block(move || {
let decoded = base64::decode(signature)?;
let hashed = Sha256::digest(signing_string.as_bytes());
public_key.verify(
PaddingScheme::PKCS1v15,
Some(&Hashes::SHA2_256),
&hashed,
&decoded,
)?;
public_key.verify(
PaddingScheme::PKCS1v15,
Some(&Hashes::SHA2_256),
&hashed,
&decoded,
)?;
Ok(()) as Result<(), MyError>
})
.await?;
Ok(true)
}
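Review bot: The closure handed to `web::block` gets its result type from a trailing cast, `Ok(()) as Result<(), MyError>`; a return annotation on the closure states the same thing up front: `web::block(move || -> Result<(), MyError> { ... Ok(()) })`. The block also deserves a short comment, for example `// RSA verification is CPU-bound, so run it on the blocking threadpool; every failure returns Err and rejects the signature`. As written, the method can only return `Ok(true)` or an error, never `Ok(false)`, and the doc comment on the method should say so, so that callers do not branch on the boolean. The enclosing method starts outside the hunk.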


@ -31,14 +31,19 @@ impl Requests {
where
T: serde::de::DeserializeOwned,
{
let signer = self.signer();
let mut res = self
.client
.get(url)
.header("Accept", "application/activity+json")
.header("User-Agent", self.user_agent.as_str())
.signature(&self.config, &self.key_id, |signing_string| {
self.sign(signing_string)
})?
.signature(
self.config.clone(),
self.key_id.clone(),
move |signing_string| signer.sign(signing_string),
)
.await?
.send()
.await
.map_err(|e| {
@ -50,7 +55,7 @@ impl Requests {
if let Ok(bytes) = res.body().await {
if let Ok(s) = String::from_utf8(bytes.as_ref().to_vec()) {
if !s.is_empty() {
error!("Response, {}", s);
error!("Response from {}, {}", url, s);
}
}
}
@ -66,14 +71,19 @@ impl Requests {
pub async fn fetch_bytes(&self, url: &str) -> Result<(String, Bytes), MyError> {
info!("Fetching bytes for {}", url);
let signer = self.signer();
let mut res = self
.client
.get(url)
.header("Accept", "application/activity+json")
.header("User-Agent", self.user_agent.as_str())
.signature(&self.config, &self.key_id, |signing_string| {
self.sign(signing_string)
})?
.signature(
self.config.clone(),
self.key_id.clone(),
move |signing_string| signer.sign(signing_string),
)
.await?
.send()
.await
.map_err(|e| {
@ -95,7 +105,7 @@ impl Requests {
if let Ok(bytes) = res.body().await {
if let Ok(s) = String::from_utf8(bytes.as_ref().to_vec()) {
if !s.is_empty() {
error!("Response, {}", s);
error!("Response from {}, {}", url, s);
}
}
}
@ -118,8 +128,7 @@ impl Requests {
where
T: serde::ser::Serialize,
{
let mut digest = Sha256::new();
let signer = self.signer();
let item_string = serde_json::to_string(item)?;
let mut res = self
@ -129,12 +138,13 @@ impl Requests {
.header("Content-Type", "application/activity+json")
.header("User-Agent", self.user_agent.as_str())
.signature_with_digest(
&self.config,
&self.key_id,
&mut digest,
self.config.clone(),
self.key_id.clone(),
Sha256::new(),
item_string,
|signing_string| self.sign(signing_string),
)?
move |signing_string| signer.sign(signing_string),
)
.await?
.send()
.await
.map_err(|e| {
@ -146,7 +156,7 @@ impl Requests {
if let Ok(bytes) = res.body().await {
if let Ok(s) = String::from_utf8(bytes.as_ref().to_vec()) {
if !s.is_empty() {
error!("Response, {}", s);
error!("Response from {}, {}", inbox.as_str(), s);
}
}
}
@ -156,6 +166,18 @@ impl Requests {
Ok(())
}
fn signer(&self) -> Signer {
Signer {
private_key: self.private_key.clone(),
}
}
}
struct Signer {
private_key: RSAPrivateKey,
}
impl Signer {
fn sign(&self, signing_string: &str) -> Result<String, MyError> {
let hashed = Sha256::digest(signing_string.as_bytes());
let bytes =