changed admin encoding type to bs58

2025-01-23 04:35:46 +02:00 · 2025-01-23 04:35:46 +02:00 · a70faecf26
commit a70faecf26
parent b028a2e947
3 changed files with 37 additions and 8 deletions
--- a/dtrfs_api/Cargo.lock
+++ b/dtrfs_api/Cargo.lock
@ -1,6 +1,6 @@
 # This file is automatically @generated by Cargo.
 # It is not intended for manual editing.
-version = 3
+version = 4

 [[package]]
 name = "actix-codec"
@ -409,6 +409,15 @@ dependencies = [
 "alloc-stdlib",
 ]

+[[package]]
+name = "bs58"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bf88ba1141d185c399bee5288d850d63b8369520c1eafc32a0430b5b6c287bf4"
+dependencies = [
+ "tinyvec",
+]
+
 [[package]]
 name = "byteorder"
 version = "1.5.0"
@ -670,6 +679,7 @@ dependencies = [
 "anyhow",
 "base64",
 "bincode",
+ "bs58",
 "ed25519-dalek",
 "lazy_static",
 "regex",
@ -2081,6 +2091,21 @@ dependencies = [
 "zerovec",
 ]

+[[package]]
+name = "tinyvec"
+version = "1.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "022db8904dfa342efe721985167e9fcd16c29b226db4397ed752a761cfce81e8"
+dependencies = [
+ "tinyvec_macros",
+]
+
+[[package]]
+name = "tinyvec_macros"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
+
 [[package]]
 name = "tls_codec"
 version = "0.4.1"
--- a/dtrfs_api/Cargo.toml
+++ b/dtrfs_api/Cargo.toml
@ -4,12 +4,13 @@ version = "0.1.0"
 edition = "2021"

 [dependencies]
+bs58 = "0.5.1"
 anyhow = "1.0.93"
 base64 = "0.22.1"
 bincode = "1.3.3"
 regex = "1.11.1"
 sev = { version = "4.0", default-features = false, features = ['crypto_nossl','snp'] }
-ed25519-dalek = { version = "2.1.1", features = ["pem", "pkcs8"] }
+ed25519-dalek = { version = "2.1.1", features = ["pkcs8"] }
 lazy_static = "1.5.0"
 actix-web = { version = "4.9.0", features = ["rustls-0_23"] }
 sha3 = "0.10.8"
--- a/dtrfs_api/src/main.rs
+++ b/dtrfs_api/src/main.rs
@ -45,13 +45,16 @@ fn get_cert_hash() -> [u8; 64] {
 }

 fn verifying_key() -> Result<VerifyingKey, Box<dyn std::error::Error>> {
-    let re = Regex::new(r"detee_admin=([A-Za-z0-9+/=]+)").unwrap();
+    let re = Regex::new(r"detee_admin=([A-Za-z0-9]+)").unwrap();
    let key_str = re.find(&CMDLINE).map(|m| m.as_str()).unwrap_or("");
-    let key_pem = format!(
-        "-----BEGIN PUBLIC KEY-----\n{}\n-----END PUBLIC KEY-----\n",
-        key_str.strip_prefix("detee_admin=").ok_or("Could not get admin key from cmdline")?
-    );
-    Ok(VerifyingKey::from_public_key_pem(&key_pem)?)
+    let key_str =
+        key_str.strip_prefix("detee_admin=").ok_or("Could not get admin key from cmdline")?;
+    Ok(VerifyingKey::from_bytes(
+        &bs58::decode(key_str)
+            .into_vec()?
+            .try_into()
+            .map_err(|_| bs58::decode::Error::BufferTooSmall)?,
+    )?)
 }

 fn verify(req: &HttpRequest) -> Result<(), Box<dyn std::error::Error>> {