2017-01-09 00:50:51 -05:00
|
|
|
use base64;
|
|
|
|
use ring::constant_time::verify_slices_are_equal;
|
2018-10-28 14:58:35 -04:00
|
|
|
use ring::{digest, hmac, rand, signature};
|
|
|
|
use untrusted;
|
2017-01-09 00:50:51 -05:00
|
|
|
|
2019-07-06 14:36:32 -04:00
|
|
|
use crate::algorithms::Algorithm;
|
|
|
|
use crate::errors::{new_error, ErrorKind, Result};
|
|
|
|
use crate::keys::Key;
|
2018-08-30 14:53:55 -04:00
|
|
|
|
2017-04-14 07:23:28 -04:00
|
|
|
/// The actual HS signing + encoding
|
2019-06-16 11:51:43 -04:00
|
|
|
fn sign_hmac(alg: &'static digest::Algorithm, key: Key, signing_input: &str) -> Result<String> {
|
|
|
|
let signing_key = match key {
|
|
|
|
Key::Hmac(bytes) => hmac::SigningKey::new(alg, bytes),
|
|
|
|
_ => return Err(ErrorKind::InvalidKeyFormat)?,
|
|
|
|
};
|
2017-04-23 01:14:26 -04:00
|
|
|
let digest = hmac::sign(&signing_key, signing_input.as_bytes());
|
|
|
|
|
2018-10-28 14:58:35 -04:00
|
|
|
Ok(base64::encode_config::<hmac::Signature>(&digest, base64::URL_SAFE_NO_PAD))
|
2017-04-14 07:23:28 -04:00
|
|
|
}
|
|
|
|
|
2019-01-08 20:18:49 -05:00
|
|
|
/// The actual ECDSA signing + encoding
|
2019-06-16 11:51:43 -04:00
|
|
|
fn sign_ecdsa(
|
2019-05-15 10:19:38 -04:00
|
|
|
alg: &'static signature::EcdsaSigningAlgorithm,
|
2019-06-16 11:51:43 -04:00
|
|
|
key: Key,
|
2019-05-15 10:19:38 -04:00
|
|
|
signing_input: &str,
|
|
|
|
) -> Result<String> {
|
2019-06-16 11:51:43 -04:00
|
|
|
let signing_key = match key {
|
|
|
|
Key::Pkcs8(bytes) => {
|
|
|
|
signature::EcdsaKeyPair::from_pkcs8(alg, untrusted::Input::from(bytes))?
|
2019-05-15 10:19:38 -04:00
|
|
|
}
|
|
|
|
_ => {
|
2019-06-16 11:51:43 -04:00
|
|
|
return Err(new_error(ErrorKind::InvalidKeyFormat));
|
2019-05-15 10:19:38 -04:00
|
|
|
}
|
|
|
|
};
|
2019-01-08 20:46:06 -05:00
|
|
|
let rng = rand::SystemRandom::new();
|
|
|
|
let sig = signing_key.sign(&rng, untrusted::Input::from(signing_input.as_bytes()))?;
|
|
|
|
Ok(base64::encode_config(&sig, base64::URL_SAFE_NO_PAD))
|
2019-01-08 20:18:49 -05:00
|
|
|
}
|
|
|
|
|
2017-04-14 07:23:28 -04:00
|
|
|
/// The actual RSA signing + encoding
|
|
|
|
/// Taken from Ring doc https://briansmith.org/rustdoc/ring/signature/index.html
|
2019-07-06 14:36:32 -04:00
|
|
|
fn sign_rsa(
|
|
|
|
alg: &'static dyn signature::RsaEncoding,
|
|
|
|
key: Key,
|
|
|
|
signing_input: &str,
|
|
|
|
) -> Result<String> {
|
2019-06-16 11:51:43 -04:00
|
|
|
let key_pair = match key {
|
|
|
|
Key::Der(bytes) => signature::RsaKeyPair::from_der(untrusted::Input::from(bytes))
|
|
|
|
.map_err(|_| ErrorKind::InvalidRsaKey)?,
|
|
|
|
Key::Pkcs8(bytes) => signature::RsaKeyPair::from_pkcs8(untrusted::Input::from(bytes))
|
|
|
|
.map_err(|_| ErrorKind::InvalidRsaKey)?,
|
2019-05-15 10:19:38 -04:00
|
|
|
_ => {
|
|
|
|
return Err(ErrorKind::InvalidKeyFormat)?;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2019-01-08 20:46:06 -05:00
|
|
|
let mut signature = vec![0; key_pair.public_modulus_len()];
|
2017-04-14 07:23:28 -04:00
|
|
|
let rng = rand::SystemRandom::new();
|
2019-01-08 20:46:06 -05:00
|
|
|
key_pair
|
2019-01-31 23:11:20 -05:00
|
|
|
.sign(alg, &rng, signing_input.as_bytes(), &mut signature)
|
2018-07-25 08:43:58 -04:00
|
|
|
.map_err(|_| ErrorKind::InvalidRsaKey)?;
|
2017-04-14 07:23:28 -04:00
|
|
|
|
2018-10-28 14:58:35 -04:00
|
|
|
Ok(base64::encode_config::<[u8]>(&signature, base64::URL_SAFE_NO_PAD))
|
2017-04-14 07:23:28 -04:00
|
|
|
}
|
2017-01-09 00:50:51 -05:00
|
|
|
|
2017-04-13 03:36:32 -04:00
|
|
|
/// Take the payload of a JWT, sign it using the algorithm given and return
|
|
|
|
/// the base64 url safe encoded of the result.
|
|
|
|
///
|
|
|
|
/// Only use this function if you want to do something other than JWT.
|
2019-06-16 11:51:43 -04:00
|
|
|
pub fn sign(signing_input: &str, key: Key, algorithm: Algorithm) -> Result<String> {
|
2017-02-22 02:45:28 -05:00
|
|
|
match algorithm {
|
2017-04-14 07:23:28 -04:00
|
|
|
Algorithm::HS256 => sign_hmac(&digest::SHA256, key, signing_input),
|
|
|
|
Algorithm::HS384 => sign_hmac(&digest::SHA384, key, signing_input),
|
|
|
|
Algorithm::HS512 => sign_hmac(&digest::SHA512, key, signing_input),
|
2017-02-22 02:45:28 -05:00
|
|
|
|
2019-05-15 10:19:38 -04:00
|
|
|
Algorithm::ES256 => {
|
|
|
|
sign_ecdsa(&signature::ECDSA_P256_SHA256_FIXED_SIGNING, key, signing_input)
|
|
|
|
}
|
|
|
|
Algorithm::ES384 => {
|
|
|
|
sign_ecdsa(&signature::ECDSA_P384_SHA384_FIXED_SIGNING, key, signing_input)
|
|
|
|
}
|
2019-01-08 20:18:49 -05:00
|
|
|
|
2019-01-31 23:11:20 -05:00
|
|
|
Algorithm::RS256 => sign_rsa(&signature::RSA_PKCS1_SHA256, key, signing_input),
|
|
|
|
Algorithm::RS384 => sign_rsa(&signature::RSA_PKCS1_SHA384, key, signing_input),
|
|
|
|
Algorithm::RS512 => sign_rsa(&signature::RSA_PKCS1_SHA512, key, signing_input),
|
2019-06-07 14:08:54 -04:00
|
|
|
|
|
|
|
Algorithm::PS256 => sign_rsa(&signature::RSA_PSS_SHA256, key, signing_input),
|
|
|
|
Algorithm::PS384 => sign_rsa(&signature::RSA_PSS_SHA384, key, signing_input),
|
|
|
|
Algorithm::PS512 => sign_rsa(&signature::RSA_PSS_SHA512, key, signing_input),
|
2017-02-22 02:45:28 -05:00
|
|
|
}
|
2017-01-09 00:50:51 -05:00
|
|
|
}
|
|
|
|
|
2019-01-31 23:11:20 -05:00
|
|
|
/// See Ring docs for more details
|
|
|
|
fn verify_ring(
|
|
|
|
alg: &dyn signature::VerificationAlgorithm,
|
2018-10-28 14:58:35 -04:00
|
|
|
signature: &str,
|
|
|
|
signing_input: &str,
|
|
|
|
key: &[u8],
|
|
|
|
) -> Result<bool> {
|
2017-04-14 07:23:28 -04:00
|
|
|
let signature_bytes = base64::decode_config(signature, base64::URL_SAFE_NO_PAD)?;
|
|
|
|
let public_key_der = untrusted::Input::from(key);
|
|
|
|
let message = untrusted::Input::from(signing_input.as_bytes());
|
|
|
|
let expected_signature = untrusted::Input::from(signature_bytes.as_slice());
|
|
|
|
|
|
|
|
let res = signature::verify(alg, public_key_der, message, expected_signature);
|
|
|
|
|
|
|
|
Ok(res.is_ok())
|
|
|
|
}
|
|
|
|
|
2019-06-16 11:51:43 -04:00
|
|
|
fn verify_ring_es(
|
|
|
|
alg: &dyn signature::VerificationAlgorithm,
|
|
|
|
signature: &str,
|
|
|
|
signing_input: &str,
|
|
|
|
key: Key,
|
|
|
|
) -> Result<bool> {
|
|
|
|
let bytes = match key {
|
|
|
|
Key::Pkcs8(bytes) => bytes,
|
|
|
|
_ => {
|
|
|
|
return Err(ErrorKind::InvalidKeyFormat)?;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
verify_ring(alg, signature, signing_input, bytes)
|
|
|
|
}
|
|
|
|
|
|
|
|
fn verify_ring_rsa(
|
|
|
|
alg: &dyn signature::VerificationAlgorithm,
|
|
|
|
signature: &str,
|
|
|
|
signing_input: &str,
|
|
|
|
key: Key,
|
|
|
|
) -> Result<bool> {
|
|
|
|
let bytes = match key {
|
|
|
|
Key::Der(bytes) | Key::Pkcs8(bytes) => bytes,
|
|
|
|
_ => {
|
|
|
|
return Err(ErrorKind::InvalidKeyFormat)?;
|
|
|
|
}
|
|
|
|
};
|
|
|
|
verify_ring(alg, signature, signing_input, bytes)
|
|
|
|
}
|
|
|
|
|
2017-04-12 21:08:07 -04:00
|
|
|
/// Compares the signature given with a re-computed signature for HMAC or using the public key
|
2017-04-13 03:36:32 -04:00
|
|
|
/// for RSA.
|
|
|
|
///
|
|
|
|
/// Only use this function if you want to do something other than JWT.
|
2017-02-22 02:45:28 -05:00
|
|
|
///
|
|
|
|
/// `signature` is the signature part of a jwt (text after the second '.')
|
2017-04-12 21:08:07 -04:00
|
|
|
///
|
2017-02-22 02:45:28 -05:00
|
|
|
/// `signing_input` is base64(header) + "." + base64(claims)
|
2018-10-28 14:58:35 -04:00
|
|
|
pub fn verify(
|
|
|
|
signature: &str,
|
|
|
|
signing_input: &str,
|
2019-06-16 12:00:00 -04:00
|
|
|
key: Key,
|
2018-10-28 14:58:35 -04:00
|
|
|
algorithm: Algorithm,
|
|
|
|
) -> Result<bool> {
|
2017-02-22 02:45:28 -05:00
|
|
|
match algorithm {
|
|
|
|
Algorithm::HS256 | Algorithm::HS384 | Algorithm::HS512 => {
|
|
|
|
// we just re-sign the data with the key and compare if they are equal
|
|
|
|
let signed = sign(signing_input, key, algorithm)?;
|
|
|
|
Ok(verify_slices_are_equal(signature.as_ref(), signed.as_ref()).is_ok())
|
2018-10-28 14:58:35 -04:00
|
|
|
}
|
2019-01-31 23:11:20 -05:00
|
|
|
Algorithm::ES256 => {
|
2019-06-16 12:00:00 -04:00
|
|
|
verify_ring_es(&signature::ECDSA_P256_SHA256_FIXED, signature, signing_input, key)
|
2019-01-31 23:11:20 -05:00
|
|
|
}
|
|
|
|
Algorithm::ES384 => {
|
2019-06-16 12:00:00 -04:00
|
|
|
verify_ring_es(&signature::ECDSA_P384_SHA384_FIXED, signature, signing_input, key)
|
2019-01-08 20:18:49 -05:00
|
|
|
}
|
2018-10-28 14:58:35 -04:00
|
|
|
Algorithm::RS256 => {
|
2019-06-16 12:00:00 -04:00
|
|
|
verify_ring_rsa(&signature::RSA_PKCS1_2048_8192_SHA256, signature, signing_input, key)
|
2018-10-28 14:58:35 -04:00
|
|
|
}
|
|
|
|
Algorithm::RS384 => {
|
2019-06-16 12:00:00 -04:00
|
|
|
verify_ring_rsa(&signature::RSA_PKCS1_2048_8192_SHA384, signature, signing_input, key)
|
2018-10-28 14:58:35 -04:00
|
|
|
}
|
|
|
|
Algorithm::RS512 => {
|
2019-06-16 12:00:00 -04:00
|
|
|
verify_ring_rsa(&signature::RSA_PKCS1_2048_8192_SHA512, signature, signing_input, key)
|
2018-10-28 14:58:35 -04:00
|
|
|
}
|
2019-06-07 14:08:54 -04:00
|
|
|
Algorithm::PS256 => {
|
2019-06-16 12:00:00 -04:00
|
|
|
verify_ring_rsa(&signature::RSA_PSS_2048_8192_SHA256, signature, signing_input, key)
|
2019-06-07 14:08:54 -04:00
|
|
|
}
|
|
|
|
Algorithm::PS384 => {
|
2019-06-16 12:00:00 -04:00
|
|
|
verify_ring_rsa(&signature::RSA_PSS_2048_8192_SHA384, signature, signing_input, key)
|
2019-06-07 14:08:54 -04:00
|
|
|
}
|
|
|
|
Algorithm::PS512 => {
|
2019-06-16 12:00:00 -04:00
|
|
|
verify_ring_rsa(&signature::RSA_PSS_2048_8192_SHA512, signature, signing_input, key)
|
2019-06-07 14:08:54 -04:00
|
|
|
}
|
2019-05-15 10:19:38 -04:00
|
|
|
}
|
|
|
|
}
|