testnet/dtrfs
5
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add support for payments #2

Merged
ghe0 merged 1 commits from payments into master 2025-01-24 23:22:40 +00:00
Conversation 0 Commits 1 Files Changed 3 +41 -13
3 changed files with 41 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 60f1c8c2e2 - Show all commits

27
dtrfs_api/Cargo.lock generated
View File

@ -1,6 +1,6 @@
# This file is automatically @generated by Cargo. # This file is automatically @generated by Cargo.
# It is not intended for manual editing. # It is not intended for manual editing.
version = 3 version = 4
[[package]] [[package]]
name = "actix-codec" name = "actix-codec"
@ -409,6 +409,15 @@ dependencies = [
"alloc-stdlib", "alloc-stdlib",
] ]
[[package]]
name = "bs58"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bf88ba1141d185c399bee5288d850d63b8369520c1eafc32a0430b5b6c287bf4"
dependencies = [
"tinyvec",
]
[[package]] [[package]]
name = "byteorder" name = "byteorder"
version = "1.5.0" version = "1.5.0"
@ -670,6 +679,7 @@ dependencies = [
"anyhow", "anyhow",
"base64", "base64",
"bincode", "bincode",
"bs58",
"ed25519-dalek", "ed25519-dalek",
"lazy_static", "lazy_static",
"regex", "regex",
@ -2081,6 +2091,21 @@ dependencies = [
"zerovec", "zerovec",
] ]
[[package]]
name = "tinyvec"
version = "1.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "022db8904dfa342efe721985167e9fcd16c29b226db4397ed752a761cfce81e8"
dependencies = [
"tinyvec_macros",
]
[[package]]
name = "tinyvec_macros"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
[[package]] [[package]]
name = "tls_codec" name = "tls_codec"
version = "0.4.1" version = "0.4.1"

5
dtrfs_api/Cargo.toml
View File

@ -4,15 +4,16 @@ version = "0.1.0"
edition = "2021" edition = "2021"
[dependencies] [dependencies]
bs58 = "0.5.1"
anyhow = "1.0.93" anyhow = "1.0.93"
base64 = "0.22.1"
bincode = "1.3.3" bincode = "1.3.3"
regex = "1.11.1" regex = "1.11.1"
sev = { version = "4.0", default-features = false, features = ['crypto_nossl','snp'] } sev = { version = "4.0", default-features = false, features = ['crypto_nossl','snp'] }
ed25519-dalek = { version = "2.1.1", features = ["pem", "pkcs8"] } ed25519-dalek = { version = "2.1.1" }
lazy_static = "1.5.0" lazy_static = "1.5.0"
actix-web = { version = "4.9.0", features = ["rustls-0_23"] } actix-web = { version = "4.9.0", features = ["rustls-0_23"] }
sha3 = "0.10.8" sha3 = "0.10.8"
rustls = "0.23.18" rustls = "0.23.18"
rustls-pemfile = "2.2.0" rustls-pemfile = "2.2.0"
serde = { version = "1.0.215", features = ["derive"] } serde = { version = "1.0.215", features = ["derive"] }
base64 = "0.22.1"

22
dtrfs_api/src/main.rs
View File

@ -2,8 +2,7 @@ mod os;
mod snp; mod snp;
use actix_web::{get, post, web, App, HttpRequest, HttpResponse, HttpServer}; use actix_web::{get, post, web, App, HttpRequest, HttpResponse, HttpServer};
use base64::prelude::{Engine, BASE64_URL_SAFE}; use ed25519_dalek::{Signature, Verifier, VerifyingKey};
use ed25519_dalek::{pkcs8::DecodePublicKey, Signature, Verifier, VerifyingKey};
use lazy_static::lazy_static; use lazy_static::lazy_static;
use regex::Regex; use regex::Regex;
use rustls::{pki_types::PrivateKeyDer, ServerConfig}; use rustls::{pki_types::PrivateKeyDer, ServerConfig};
@ -45,13 +44,16 @@ fn get_cert_hash() -> [u8; 64] {
} }
fn verifying_key() -> Result<VerifyingKey, Box<dyn std::error::Error>> { fn verifying_key() -> Result<VerifyingKey, Box<dyn std::error::Error>> {
let re = Regex::new(r"detee_admin=([A-Za-z0-9+/=]+)").unwrap(); let re = Regex::new(r"detee_admin=([A-Za-z0-9]+)").unwrap();
let key_str = re.find(&CMDLINE).map(|m| m.as_str()).unwrap_or(""); let key_str = re.find(&CMDLINE).map(|m| m.as_str()).unwrap_or("");
let key_pem = format!( let key_str =
"-----BEGIN PUBLIC KEY-----\n{}\n-----END PUBLIC KEY-----\n", key_str.strip_prefix("detee_admin=").ok_or("Could not get admin key from cmdline")?;
key_str.strip_prefix("detee_admin=").ok_or("Could not get admin key from cmdline")? Ok(VerifyingKey::from_bytes(
); &bs58::decode(key_str)
Ok(VerifyingKey::from_public_key_pem(&key_pem)?) .into_vec()?
.try_into()
.map_err(|_| bs58::decode::Error::BufferTooSmall)?,
)?)
} }
fn verify(req: &HttpRequest) -> Result<(), Box<dyn std::error::Error>> { fn verify(req: &HttpRequest) -> Result<(), Box<dyn std::error::Error>> {
@ -60,8 +62,8 @@ fn verify(req: &HttpRequest) -> Result<(), Box<dyn std::error::Error>> {
.get("ed25519-signature") .get("ed25519-signature")
.ok_or_else(|| "Did not find ed25519-signature header")?; .ok_or_else(|| "Did not find ed25519-signature header")?;
let signature: &[u8] = &BASE64_URL_SAFE.decode(signature)?; let signature = bs58::decode(signature).into_vec()?;
let signature = Signature::from_bytes(signature.try_into()?); let signature = Signature::from_bytes(signature.as_slice().try_into()?);
let verifying_key = verifying_key()?; let verifying_key = verifying_key()?;
Ok(verifying_key.verify(CRT_CONTENTS.as_bytes(), &signature)?) Ok(verifying_key.verify(CRT_CONTENTS.as_bytes(), &signature)?)
} }