jsonwebtoken/src/crypto/mod.rs

use ring::constant_time::verify_slices_are_equal;
use ring::{hmac, signature};

use crate::algorithms::Algorithm;
use crate::errors::{Result};
use crate::pem_decoder::PemEncodedKey;
use crate::serialization::{encode, decode};

pub(crate) mod rsa;
pub(crate) mod ecdsa;

/// The actual HS signing + encoding
pub(crate) fn sign_hmac(alg: hmac::Algorithm, key: &[u8], signing_input: &str) -> Result<String> {
    let digest = hmac::sign(&hmac::Key::new(alg, key), signing_input.as_bytes());
    Ok(encode(digest.as_ref()))
}


/// Take the payload of a JWT, sign it using the algorithm given and return
/// the base64 url safe encoded of the result.
///
/// Only use this function if you want to do something other than JWT.
/// `key` is the secret for HMAC and a pem encoded string otherwise
pub fn sign(signing_input: &str, key: &[u8], algorithm: Algorithm) -> Result<String> {
    match algorithm {
        Algorithm::HS256 => sign_hmac(hmac::HMAC_SHA256, key, signing_input),
        Algorithm::HS384 => sign_hmac(hmac::HMAC_SHA384, key, signing_input),
        Algorithm::HS512 => sign_hmac(hmac::HMAC_SHA512, key, signing_input),

        Algorithm::ES256 => {
            ecdsa::sign(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, key, signing_input)
        }
        Algorithm::ES384 => {
            ecdsa::sign(&signature::ECDSA_P384_SHA384_FIXED_SIGNING, key, signing_input)
        }

        Algorithm::RS256 => rsa::sign(&signature::RSA_PKCS1_SHA256, key, signing_input),
        Algorithm::RS384 => rsa::sign(&signature::RSA_PKCS1_SHA384, key, signing_input),
        Algorithm::RS512 => rsa::sign(&signature::RSA_PKCS1_SHA512, key, signing_input),

        Algorithm::PS256 => rsa::sign(&signature::RSA_PSS_SHA256, key, signing_input),
        Algorithm::PS384 => rsa::sign(&signature::RSA_PSS_SHA384, key, signing_input),
        Algorithm::PS512 => rsa::sign(&signature::RSA_PSS_SHA512, key, signing_input),
    }
}

/// Compares the signature given with a re-computed signature for HMAC or using the public key
/// for RSA.
///
/// Only use this function if you want to do something other than JWT.
///
/// `signature` is the signature part of a jwt (text after the second '.')
///
/// `signing_input` is base64(header) + "." + base64(claims)
pub fn verify(
    signature: &str,
    signing_input: &str,
    key: &[u8],
    algorithm: Algorithm,
) -> Result<bool> {
    match algorithm {
        Algorithm::HS256 | Algorithm::HS384 | Algorithm::HS512 => {
            // we just re-sign the data with the key and compare if they are equal
            let signed = sign(signing_input, key, algorithm)?;
            Ok(verify_slices_are_equal(signature.as_ref(), signed.as_ref()).is_ok())
        }
        Algorithm::ES256 => {
            verify_ring_es(&signature::ECDSA_P256_SHA256_FIXED, signature, signing_input, key)
        }
        Algorithm::ES384 => {
            verify_ring_es(&signature::ECDSA_P384_SHA384_FIXED, signature, signing_input, key)
        }
        Algorithm::RS256 => {
            verify_ring_rsa(&signature::RSA_PKCS1_2048_8192_SHA256, signature, signing_input, key)
        }
        Algorithm::RS384 => {
            verify_ring_rsa(&signature::RSA_PKCS1_2048_8192_SHA384, signature, signing_input, key)
        }
        Algorithm::RS512 => {
            verify_ring_rsa(&signature::RSA_PKCS1_2048_8192_SHA512, signature, signing_input, key)
        }
        Algorithm::PS256 => {
            verify_ring_rsa(&signature::RSA_PSS_2048_8192_SHA256, signature, signing_input, key)
        }
        Algorithm::PS384 => {
            verify_ring_rsa(&signature::RSA_PSS_2048_8192_SHA384, signature, signing_input, key)
        }
        Algorithm::PS512 => {
            verify_ring_rsa(&signature::RSA_PSS_2048_8192_SHA512, signature, signing_input, key)
        }
    }
}

// TODO: see if we can remove stuff?

/// See Ring docs for more details
fn verify_ring(
    alg: &'static dyn signature::VerificationAlgorithm,
    signature: &str,
    signing_input: &str,
    key: &[u8],
) -> Result<bool> {
    let signature_bytes = decode(signature)?;
    let public_key = signature::UnparsedPublicKey::new(alg, key);
    let res = public_key.verify(signing_input.as_bytes(), &signature_bytes);

    Ok(res.is_ok())
}

fn verify_ring_es(
    alg: &'static dyn signature::VerificationAlgorithm,
    signature: &str,
    signing_input: &str,
    key: &[u8],
) -> Result<bool> {
    let pem_key = PemEncodedKey::new(key)?;
    verify_ring(alg, signature, signing_input, pem_key.as_ec_public_key()?)
}

fn verify_ring_rsa(
    alg: &'static signature::RsaParameters,
    signature: &str,
    signing_input: &str,
    key: &[u8],
) -> Result<bool> {
    let pem_key = PemEncodedKey::new(key)?;
    verify_ring(alg, signature, signing_input, pem_key.as_rsa_key()?)
}
Move to serde + base64 Remove Part trait Move tests to tests directory Reorganise code 2017-01-09 00:50:51 -05:00			`use ring::constant_time::verify_slices_are_equal;`
Move crypto to a dir 2019-11-08 14:00:19 -05:00			`use ring::{hmac, signature};`
Move to serde + base64 Remove Part trait Move tests to tests directory Reorganise code 2017-01-09 00:50:51 -05:00
Update to edition 2018 2019-07-06 14:36:32 -04:00			`use crate::algorithms::Algorithm;`
Move crypto to a dir 2019-11-08 14:00:19 -05:00			`use crate::errors::{Result};`
Remove Key approach in favour of &[u8] with pem 2019-11-06 17:32:13 -05:00			`use crate::pem_decoder::PemEncodedKey;`
Move crypto to a dir 2019-11-08 14:00:19 -05:00			`use crate::serialization::{encode, decode};`

			`pub(crate) mod rsa;`
			`pub(crate) mod ecdsa;`
feat: Implement FromStr trait for Algorithm 2018-08-30 14:53:55 -04:00
Cleanup crypto nesting and remove error-chain default features 2017-04-14 07:23:28 -04:00			`/// The actual HS signing + encoding`
Move crypto to a dir 2019-11-08 14:00:19 -05:00			`pub(crate) fn sign_hmac(alg: hmac::Algorithm, key: &[u8], signing_input: &str) -> Result<String> {`
Remove Key approach in favour of &[u8] with pem 2019-11-06 17:32:13 -05:00			`let digest = hmac::sign(&hmac::Key::new(alg, key), signing_input.as_bytes());`
Move crypto to a dir 2019-11-08 14:00:19 -05:00			`Ok(encode(digest.as_ref()))`
Added ES256/ES384/ES512 Algorithm stubs 2019-01-08 20:18:49 -05:00			`}`

Move to serde + base64 Remove Part trait Move tests to tests directory Reorganise code 2017-01-09 00:50:51 -05:00
Reorganise a bit and add more docs 2017-04-13 03:36:32 -04:00			`/// Take the payload of a JWT, sign it using the algorithm given and return`
			`/// the base64 url safe encoded of the result.`
			`///`
			`/// Only use this function if you want to do something other than JWT.`
Move crypto to a dir 2019-11-08 14:00:19 -05:00			/// `key` is the secret for HMAC and a pem encoded string otherwise
Remove Key approach in favour of &[u8] with pem 2019-11-06 17:32:13 -05:00			`pub fn sign(signing_input: &str, key: &[u8], algorithm: Algorithm) -> Result<String> {`
Work on RSA 2017-02-22 02:45:28 -05:00			`match algorithm {`
Use ring 0.16.5. 2019-08-10 17:38:14 -04:00			`Algorithm::HS256 => sign_hmac(hmac::HMAC_SHA256, key, signing_input),`
			`Algorithm::HS384 => sign_hmac(hmac::HMAC_SHA384, key, signing_input),`
			`Algorithm::HS512 => sign_hmac(hmac::HMAC_SHA512, key, signing_input),`
Work on RSA 2017-02-22 02:45:28 -05:00
Add Key trait and the supported formats 2019-05-15 10:19:38 -04:00			`Algorithm::ES256 => {`
Move crypto to a dir 2019-11-08 14:00:19 -05:00			`ecdsa::sign(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, key, signing_input)`
Add Key trait and the supported formats 2019-05-15 10:19:38 -04:00			`}`
			`Algorithm::ES384 => {`
Move crypto to a dir 2019-11-08 14:00:19 -05:00			`ecdsa::sign(&signature::ECDSA_P384_SHA384_FIXED_SIGNING, key, signing_input)`
Add Key trait and the supported formats 2019-05-15 10:19:38 -04:00			`}`
Added ES256/ES384/ES512 Algorithm stubs 2019-01-08 20:18:49 -05:00
Move crypto to a dir 2019-11-08 14:00:19 -05:00			`Algorithm::RS256 => rsa::sign(&signature::RSA_PKCS1_SHA256, key, signing_input),`
			`Algorithm::RS384 => rsa::sign(&signature::RSA_PKCS1_SHA384, key, signing_input),`
			`Algorithm::RS512 => rsa::sign(&signature::RSA_PKCS1_SHA512, key, signing_input),`
Support for RSASSA-PSS signing algorithm As specified in https://tools.ietf.org/html/rfc7518#section-3.5 - PS256 - RSASSA-PSS using SHA-256 hash algorithm - PS384 - RSASSA-PSS using SHA-384 hash algorithm - PS512 - RSASSA-PSS using SHA-512 hash algorithm 2019-06-07 14:08:54 -04:00
Move crypto to a dir 2019-11-08 14:00:19 -05:00			`Algorithm::PS256 => rsa::sign(&signature::RSA_PSS_SHA256, key, signing_input),`
			`Algorithm::PS384 => rsa::sign(&signature::RSA_PSS_SHA384, key, signing_input),`
			`Algorithm::PS512 => rsa::sign(&signature::RSA_PSS_SHA512, key, signing_input),`
Work on RSA 2017-02-22 02:45:28 -05:00			`}`
Move to serde + base64 Remove Part trait Move tests to tests directory Reorganise code 2017-01-09 00:50:51 -05:00			`}`

Add some docs 2017-04-12 21:08:07 -04:00			`/// Compares the signature given with a re-computed signature for HMAC or using the public key`
Reorganise a bit and add more docs 2017-04-13 03:36:32 -04:00			`/// for RSA.`
			`///`
			`/// Only use this function if you want to do something other than JWT.`
Work on RSA 2017-02-22 02:45:28 -05:00			`///`
			/// `signature` is the signature part of a jwt (text after the second '.')
Add some docs 2017-04-12 21:08:07 -04:00			`///`
Work on RSA 2017-02-22 02:45:28 -05:00			/// `signing_input` is base64(header) + "." + base64(claims)
rustfmt 2018-10-28 14:58:35 -04:00			`pub fn verify(`
			`signature: &str,`
			`signing_input: &str,`
Remove Key approach in favour of &[u8] with pem 2019-11-06 17:32:13 -05:00			`key: &[u8],`
rustfmt 2018-10-28 14:58:35 -04:00			`algorithm: Algorithm,`
			`) -> Result<bool> {`
Work on RSA 2017-02-22 02:45:28 -05:00			`match algorithm {`
			`Algorithm::HS256 \| Algorithm::HS384 \| Algorithm::HS512 => {`
			`// we just re-sign the data with the key and compare if they are equal`
			`let signed = sign(signing_input, key, algorithm)?;`
			`Ok(verify_slices_are_equal(signature.as_ref(), signed.as_ref()).is_ok())`
rustfmt 2018-10-28 14:58:35 -04:00			`}`
implemented verification of ECDSA signatures and added tests 2019-01-31 23:11:20 -05:00			`Algorithm::ES256 => {`
Fixed conflicts 2019-06-16 12:00:00 -04:00			`verify_ring_es(&signature::ECDSA_P256_SHA256_FIXED, signature, signing_input, key)`
implemented verification of ECDSA signatures and added tests 2019-01-31 23:11:20 -05:00			`}`
			`Algorithm::ES384 => {`
Fixed conflicts 2019-06-16 12:00:00 -04:00			`verify_ring_es(&signature::ECDSA_P384_SHA384_FIXED, signature, signing_input, key)`
Added ES256/ES384/ES512 Algorithm stubs 2019-01-08 20:18:49 -05:00			`}`
rustfmt 2018-10-28 14:58:35 -04:00			`Algorithm::RS256 => {`
Fixed conflicts 2019-06-16 12:00:00 -04:00			`verify_ring_rsa(&signature::RSA_PKCS1_2048_8192_SHA256, signature, signing_input, key)`
rustfmt 2018-10-28 14:58:35 -04:00			`}`
			`Algorithm::RS384 => {`
Fixed conflicts 2019-06-16 12:00:00 -04:00			`verify_ring_rsa(&signature::RSA_PKCS1_2048_8192_SHA384, signature, signing_input, key)`
rustfmt 2018-10-28 14:58:35 -04:00			`}`
			`Algorithm::RS512 => {`
Fixed conflicts 2019-06-16 12:00:00 -04:00			`verify_ring_rsa(&signature::RSA_PKCS1_2048_8192_SHA512, signature, signing_input, key)`
rustfmt 2018-10-28 14:58:35 -04:00			`}`
Support for RSASSA-PSS signing algorithm As specified in https://tools.ietf.org/html/rfc7518#section-3.5 - PS256 - RSASSA-PSS using SHA-256 hash algorithm - PS384 - RSASSA-PSS using SHA-384 hash algorithm - PS512 - RSASSA-PSS using SHA-512 hash algorithm 2019-06-07 14:08:54 -04:00			`Algorithm::PS256 => {`
Fixed conflicts 2019-06-16 12:00:00 -04:00			`verify_ring_rsa(&signature::RSA_PSS_2048_8192_SHA256, signature, signing_input, key)`
Support for RSASSA-PSS signing algorithm As specified in https://tools.ietf.org/html/rfc7518#section-3.5 - PS256 - RSASSA-PSS using SHA-256 hash algorithm - PS384 - RSASSA-PSS using SHA-384 hash algorithm - PS512 - RSASSA-PSS using SHA-512 hash algorithm 2019-06-07 14:08:54 -04:00			`}`
			`Algorithm::PS384 => {`
Fixed conflicts 2019-06-16 12:00:00 -04:00			`verify_ring_rsa(&signature::RSA_PSS_2048_8192_SHA384, signature, signing_input, key)`
Support for RSASSA-PSS signing algorithm As specified in https://tools.ietf.org/html/rfc7518#section-3.5 - PS256 - RSASSA-PSS using SHA-256 hash algorithm - PS384 - RSASSA-PSS using SHA-384 hash algorithm - PS512 - RSASSA-PSS using SHA-512 hash algorithm 2019-06-07 14:08:54 -04:00			`}`
			`Algorithm::PS512 => {`
Fixed conflicts 2019-06-16 12:00:00 -04:00			`verify_ring_rsa(&signature::RSA_PSS_2048_8192_SHA512, signature, signing_input, key)`
Support for RSASSA-PSS signing algorithm As specified in https://tools.ietf.org/html/rfc7518#section-3.5 - PS256 - RSASSA-PSS using SHA-256 hash algorithm - PS384 - RSASSA-PSS using SHA-384 hash algorithm - PS512 - RSASSA-PSS using SHA-512 hash algorithm 2019-06-07 14:08:54 -04:00			`}`
Add Key trait and the supported formats 2019-05-15 10:19:38 -04:00			`}`
			`}`
Move crypto to a dir 2019-11-08 14:00:19 -05:00
			`// TODO: see if we can remove stuff?`

			`/// See Ring docs for more details`
			`fn verify_ring(`
			`alg: &'static dyn signature::VerificationAlgorithm,`
			`signature: &str,`
			`signing_input: &str,`
			`key: &[u8],`
			`) -> Result<bool> {`
			`let signature_bytes = decode(signature)?;`
			`let public_key = signature::UnparsedPublicKey::new(alg, key);`
			`let res = public_key.verify(signing_input.as_bytes(), &signature_bytes);`

			`Ok(res.is_ok())`
			`}`

			`fn verify_ring_es(`
			`alg: &'static dyn signature::VerificationAlgorithm,`
			`signature: &str,`
			`signing_input: &str,`
			`key: &[u8],`
			`) -> Result<bool> {`
			`let pem_key = PemEncodedKey::new(key)?;`
			`verify_ring(alg, signature, signing_input, pem_key.as_ec_public_key()?)`
			`}`

			`fn verify_ring_rsa(`
			`alg: &'static signature::RsaParameters,`
			`signature: &str,`
			`signing_input: &str,`
			`key: &[u8],`
			`) -> Result<bool> {`
			`let pem_key = PemEncodedKey::new(key)?;`
			`verify_ring(alg, signature, signing_input, pem_key.as_rsa_key()?)`
			`}`