From a70faecf26c6f6afab79e0c61c09fa3dd37dc29e Mon Sep 17 00:00:00 2001
From: ghe0
Date: Thu, 23 Jan 2025 04:35:46 +0200
Subject: [PATCH] changed admin encoding type to bs58

---
 dtrfs_api/Cargo.lock | 27 ++++++++++++++++++++++++++-
 dtrfs_api/Cargo.toml | 3 ++-
 dtrfs_api/src/main.rs | 15 +++++++++------
 3 files changed, 37 insertions(+), 8 deletions(-)

diff --git a/dtrfs_api/Cargo.lock b/dtrfs_api/Cargo.lock
index f72473f..77c70ff 100644
--- a/dtrfs_api/Cargo.lock
+++ b/dtrfs_api/Cargo.lock
@@ -1,6 +1,6 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. -version = 3 +version = 4 [[package]] name = "actix-codec"
@@ -409,6 +409,15 @@ dependencies = [ "alloc-stdlib", ] +[[package]] +name = "bs58" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf88ba1141d185c399bee5288d850d63b8369520c1eafc32a0430b5b6c287bf4" +dependencies = [ + "tinyvec", +] + [[package]] name = "byteorder" version = "1.5.0"
@@ -670,6 +679,7 @@ dependencies = [ "anyhow", "base64", "bincode", + "bs58", "ed25519-dalek", "lazy_static", "regex",
@@ -2081,6 +2091,21 @@ dependencies = [ "zerovec", ] +[[package]] +name = "tinyvec" +version = "1.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "022db8904dfa342efe721985167e9fcd16c29b226db4397ed752a761cfce81e8" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" + [[package]] name = "tls_codec" version = "0.4.1"
diff --git a/dtrfs_api/Cargo.toml b/dtrfs_api/Cargo.toml
index f01b59f..ee33cbf 100644
--- a/dtrfs_api/Cargo.toml
+++ b/dtrfs_api/Cargo.toml
@@ -4,12 +4,13 @@ version = "0.1.0"
 edition = "2021"
 
 [dependencies]
+bs58 = "0.5.1"
 anyhow = "1.0.93"
 base64 = "0.22.1"
 bincode = "1.3.3"
 regex = "1.11.1"
 sev = { version = "4.0", default-features = false, features = ['crypto_nossl','snp'] }
-ed25519-dalek = { version = "2.1.1", features = ["pem", "pkcs8"] }
+ed25519-dalek = { version = "2.1.1", features = ["pkcs8"] }
 lazy_static = "1.5.0"
 actix-web = { version = "4.9.0", features = ["rustls-0_23"] }
 sha3 = "0.10.8"
diff --git a/dtrfs_api/src/main.rs b/dtrfs_api/src/main.rs
index d031580..67ae636 100644
--- a/dtrfs_api/src/main.rs
+++ b/dtrfs_api/src/main.rs
@@ -45,13 +45,16 @@ fn get_cert_hash() -> [u8; 64] {
 }
 
 fn verifying_key() -> Result> {
- let re = Regex::new(r"detee_admin=([A-Za-z0-9+/=]+)").unwrap();
+ let re = Regex::new(r"detee_admin=([A-Za-z0-9]+)").unwrap();
 let key_str = re.find(&CMDLINE).map(|m| m.as_str()).unwrap_or("");
- let key_pem = format!(
- "-----BEGIN PUBLIC KEY-----\n{}\n-----END PUBLIC KEY-----\n",
- key_str.strip_prefix("detee_admin=").ok_or("Could not get admin key from cmdline")?
- );
- Ok(VerifyingKey::from_public_key_pem(&key_pem)?)
+ let key_str =
+ key_str.strip_prefix("detee_admin=").ok_or("Could not get admin key from cmdline")?;
+ Ok(VerifyingKey::from_bytes(
+ &bs58::decode(key_str)
+ .into_vec()?
+ .try_into()
+ .map_err(|_| bs58::decode::Error::BufferTooSmall)?,
+ )?)
 }
 
 fn verify(req: &HttpRequest) -> Result<(), Box> {
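Review bot: In `verifying_key` in `dtrfs_api/src/main.rs`, a decoded key of the wrong length is reported as `bs58::decode::Error::BufferTooSmall` by the new `try_into().map_err(...)` chain, which is misleading for a value that is too long as much as for one that is too short and gives the operator no hint that the `detee_admin=` parameter is at fault. Assuming the function's error type is a boxed `dyn Error`, as the `ok_or("...")?` two lines above suggests, a plain message would work here: `.map_err(|_| "detee_admin key must decode to exactly 32 bytes")?`. The class `[A-Za-z0-9]+` is also wider than the default Base58 alphabet (which omits `0`, `O`, `I` and `l`), and the pattern is not anchored to the start of a cmdline parameter, so `re.find` takes the first substring that ends in `detee_admin=`; matching whole whitespace-separated tokens of CMDLINE would make it unambiguous which parameter supplies the admin key. A doc comment on `verifying_key` saying that the value is a Base58-encoded raw 32-byte Ed25519 public key would record the format change for whoever provisions the cmdline.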