2017-01-09 00:50:51 -05:00
|
|
|
use ring::constant_time::verify_slices_are_equal;
|
2019-11-08 14:00:19 -05:00
|
|
|
use ring::{hmac, signature};
|
2019-11-09 06:42:40 -05:00
|
|
|
use simple_asn1::BigUint;
|
2017-01-09 00:50:51 -05:00
|
|
|
|
2019-07-06 14:36:32 -04:00
|
|
|
use crate::algorithms::Algorithm;
|
2019-11-09 06:42:40 -05:00
|
|
|
use crate::errors::Result;
|
2019-11-06 17:32:13 -05:00
|
|
|
use crate::pem_decoder::PemEncodedKey;
|
2019-11-09 06:42:40 -05:00
|
|
|
use crate::serialization::{decode, encode};
|
2019-11-08 14:00:19 -05:00
|
|
|
|
|
|
|
pub(crate) mod ecdsa;
|
2019-11-09 06:42:40 -05:00
|
|
|
pub(crate) mod rsa;
|
2018-08-30 14:53:55 -04:00
|
|
|
|
2017-04-14 07:23:28 -04:00
|
|
|
/// The actual HS signing + encoding
|
2019-11-09 06:42:40 -05:00
|
|
|
pub(crate) fn sign_hmac(alg: hmac::Algorithm, key: &[u8], message: &str) -> Result<String> {
|
|
|
|
let digest = hmac::sign(&hmac::Key::new(alg, key), message.as_bytes());
|
2019-11-08 14:00:19 -05:00
|
|
|
Ok(encode(digest.as_ref()))
|
2019-01-08 20:18:49 -05:00
|
|
|
}
|
|
|
|
|
2017-04-13 03:36:32 -04:00
|
|
|
/// Take the payload of a JWT, sign it using the algorithm given and return
|
|
|
|
/// the base64 url safe encoded of the result.
|
|
|
|
///
|
|
|
|
/// Only use this function if you want to do something other than JWT.
|
2019-11-08 14:00:19 -05:00
|
|
|
/// `key` is the secret for HMAC and a pem encoded string otherwise
|
2019-11-09 06:42:40 -05:00
|
|
|
pub fn sign(message: &str, key: &[u8], algorithm: Algorithm) -> Result<String> {
|
2017-02-22 02:45:28 -05:00
|
|
|
match algorithm {
|
2019-11-09 06:42:40 -05:00
|
|
|
Algorithm::HS256 => sign_hmac(hmac::HMAC_SHA256, key, message),
|
|
|
|
Algorithm::HS384 => sign_hmac(hmac::HMAC_SHA384, key, message),
|
|
|
|
Algorithm::HS512 => sign_hmac(hmac::HMAC_SHA512, key, message),
|
2017-02-22 02:45:28 -05:00
|
|
|
|
2019-11-09 06:42:40 -05:00
|
|
|
Algorithm::ES256 => ecdsa::sign(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, key, message),
|
|
|
|
Algorithm::ES384 => ecdsa::sign(&signature::ECDSA_P384_SHA384_FIXED_SIGNING, key, message),
|
|
|
|
|
|
|
|
Algorithm::RS256 => rsa::sign(&signature::RSA_PKCS1_SHA256, key, message),
|
|
|
|
Algorithm::RS384 => rsa::sign(&signature::RSA_PKCS1_SHA384, key, message),
|
|
|
|
Algorithm::RS512 => rsa::sign(&signature::RSA_PKCS1_SHA512, key, message),
|
2019-01-08 20:18:49 -05:00
|
|
|
|
2019-11-09 06:42:40 -05:00
|
|
|
Algorithm::PS256 => rsa::sign(&signature::RSA_PSS_SHA256, key, message),
|
|
|
|
Algorithm::PS384 => rsa::sign(&signature::RSA_PSS_SHA384, key, message),
|
|
|
|
Algorithm::PS512 => rsa::sign(&signature::RSA_PSS_SHA512, key, message),
|
|
|
|
}
|
|
|
|
}
|
2019-06-07 14:08:54 -04:00
|
|
|
|
2019-11-09 06:42:40 -05:00
|
|
|
fn rsa_alg_to_rsa_parameters(alg: Algorithm) -> &'static signature::RsaParameters {
|
|
|
|
match alg {
|
|
|
|
Algorithm::RS256 => &signature::RSA_PKCS1_2048_8192_SHA256,
|
|
|
|
Algorithm::RS384 => &signature::RSA_PKCS1_2048_8192_SHA384,
|
|
|
|
Algorithm::RS512 => &signature::RSA_PKCS1_2048_8192_SHA512,
|
|
|
|
Algorithm::PS256 => &signature::RSA_PSS_2048_8192_SHA256,
|
|
|
|
Algorithm::PS384 => &signature::RSA_PSS_2048_8192_SHA384,
|
|
|
|
Algorithm::PS512 => &signature::RSA_PSS_2048_8192_SHA512,
|
|
|
|
_ => unreachable!("Tried to get RSA signature for a non-rsa algorithm"),
|
2017-02-22 02:45:28 -05:00
|
|
|
}
|
2017-01-09 00:50:51 -05:00
|
|
|
}
|
|
|
|
|
2017-04-12 21:08:07 -04:00
|
|
|
/// Compares the signature given with a re-computed signature for HMAC or using the public key
|
2017-04-13 03:36:32 -04:00
|
|
|
/// for RSA.
|
|
|
|
///
|
|
|
|
/// Only use this function if you want to do something other than JWT.
|
2017-02-22 02:45:28 -05:00
|
|
|
///
|
|
|
|
/// `signature` is the signature part of a jwt (text after the second '.')
|
2017-04-12 21:08:07 -04:00
|
|
|
///
|
2017-02-22 02:45:28 -05:00
|
|
|
/// `signing_input` is base64(header) + "." + base64(claims)
|
2019-11-09 06:42:40 -05:00
|
|
|
/// For ECDSA/RSS, the `key` is the pem public key
|
|
|
|
pub fn verify(signature: &str, message: &str, key: &[u8], algorithm: Algorithm) -> Result<bool> {
|
2017-02-22 02:45:28 -05:00
|
|
|
match algorithm {
|
|
|
|
Algorithm::HS256 | Algorithm::HS384 | Algorithm::HS512 => {
|
2019-11-09 06:42:40 -05:00
|
|
|
// we just re-sign the message with the key and compare if they are equal
|
|
|
|
let signed = sign(message, key, algorithm)?;
|
2017-02-22 02:45:28 -05:00
|
|
|
Ok(verify_slices_are_equal(signature.as_ref(), signed.as_ref()).is_ok())
|
2018-10-28 14:58:35 -04:00
|
|
|
}
|
2019-01-31 23:11:20 -05:00
|
|
|
Algorithm::ES256 => {
|
2019-11-09 06:42:40 -05:00
|
|
|
verify_ring_es(&signature::ECDSA_P256_SHA256_FIXED, signature, message, key)
|
2019-01-31 23:11:20 -05:00
|
|
|
}
|
|
|
|
Algorithm::ES384 => {
|
2019-11-09 06:42:40 -05:00
|
|
|
verify_ring_es(&signature::ECDSA_P384_SHA384_FIXED, signature, message, key)
|
2019-06-07 14:08:54 -04:00
|
|
|
}
|
2019-11-09 06:42:40 -05:00
|
|
|
_ => verify_ring_rsa(rsa_alg_to_rsa_parameters(algorithm), signature, message, key),
|
2019-05-15 10:19:38 -04:00
|
|
|
}
|
|
|
|
}
|
2019-11-08 14:00:19 -05:00
|
|
|
|
|
|
|
// TODO: see if we can remove stuff?
|
|
|
|
|
|
|
|
/// See Ring docs for more details
|
|
|
|
fn verify_ring(
|
|
|
|
alg: &'static dyn signature::VerificationAlgorithm,
|
|
|
|
signature: &str,
|
2019-11-09 06:42:40 -05:00
|
|
|
message: &str,
|
2019-11-08 14:00:19 -05:00
|
|
|
key: &[u8],
|
|
|
|
) -> Result<bool> {
|
|
|
|
let signature_bytes = decode(signature)?;
|
|
|
|
let public_key = signature::UnparsedPublicKey::new(alg, key);
|
2019-11-09 06:42:40 -05:00
|
|
|
let res = public_key.verify(message.as_bytes(), &signature_bytes);
|
2019-11-08 14:00:19 -05:00
|
|
|
|
|
|
|
Ok(res.is_ok())
|
|
|
|
}
|
|
|
|
|
|
|
|
fn verify_ring_es(
|
|
|
|
alg: &'static dyn signature::VerificationAlgorithm,
|
|
|
|
signature: &str,
|
2019-11-09 06:42:40 -05:00
|
|
|
message: &str,
|
2019-11-08 14:00:19 -05:00
|
|
|
key: &[u8],
|
|
|
|
) -> Result<bool> {
|
|
|
|
let pem_key = PemEncodedKey::new(key)?;
|
2019-11-09 06:42:40 -05:00
|
|
|
verify_ring(alg, signature, message, pem_key.as_ec_public_key()?)
|
2019-11-08 14:00:19 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
fn verify_ring_rsa(
|
|
|
|
alg: &'static signature::RsaParameters,
|
|
|
|
signature: &str,
|
2019-11-09 06:42:40 -05:00
|
|
|
message: &str,
|
2019-11-08 14:00:19 -05:00
|
|
|
key: &[u8],
|
|
|
|
) -> Result<bool> {
|
|
|
|
let pem_key = PemEncodedKey::new(key)?;
|
2019-11-09 06:42:40 -05:00
|
|
|
verify_ring(alg, signature, message, pem_key.as_rsa_key()?)
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn verify_rsa_modulus_exponent(
|
|
|
|
alg: Algorithm,
|
|
|
|
signature: &str,
|
|
|
|
message: &str,
|
|
|
|
components: (&str, &str),
|
|
|
|
) -> Result<bool> {
|
2019-11-11 06:08:11 -05:00
|
|
|
let signature_bytes = decode(signature)?;
|
2019-11-09 06:42:40 -05:00
|
|
|
let n = BigUint::from_bytes_be(&decode(components.0)?).to_bytes_be();
|
|
|
|
let e = BigUint::from_bytes_be(&decode(components.1)?).to_bytes_be();
|
|
|
|
let pubkey = signature::RsaPublicKeyComponents { n, e };
|
2019-11-11 06:08:11 -05:00
|
|
|
let res = pubkey.verify(rsa_alg_to_rsa_parameters(alg), message.as_ref(), &signature_bytes);
|
2019-11-09 06:42:40 -05:00
|
|
|
Ok(res.is_ok())
|
2019-11-08 14:00:19 -05:00
|
|
|
}
|