Try remove use of pkcs1 from peer-snowflake

https://people.redhat.com/~hkario/marvin
PeerDB-io · Dec 19, 2023 · 46f2e57 · 46f2e57
1 parent 51bc1a2
commit 46f2e57
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 16 deletions.
diff --git a/nexus/Cargo.lock b/nexus/Cargo.lock
diff --git a/nexus/peer-snowflake/Cargo.toml b/nexus/peer-snowflake/Cargo.toml
@@ -20,9 +20,7 @@ dashmap = "5.0"
 pgwire = "0.17"
 sha2 = "0.10"
 pt = { path = "../pt" }
-pkcs8 = { version = "0.10.2", features = ["std", "pem", "encryption"] }
-pkcs1 = "0.7.5"
-rsa = "0.9.2"
+rsa = { version = "0.9.2", features = ["pem", "pkcs5"] }
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 futures = "0.3"

diff --git a/nexus/peer-snowflake/src/auth.rs b/nexus/peer-snowflake/src/auth.rs
@@ -6,9 +6,8 @@ use std::{
 use anyhow::Context;
 use base64::prelude::{Engine as _, BASE64_STANDARD};
 use jsonwebtoken::{encode as jwt_encode, Algorithm, EncodingKey, Header};
-use pkcs1::EncodeRsaPrivateKey;
-use pkcs8::{DecodePrivateKey, EncodePublicKey};
 use rsa::{RsaPrivateKey, RsaPublicKey};
+use rsa::pkcs8::{DecodePrivateKey, EncodePrivateKey, EncodePublicKey};
 use secrecy::{Secret, SecretString};
 use serde::Serialize;
 use sha2::{Digest, Sha256};
@@ -102,7 +101,7 @@ impl SnowflakeAuth {
     #[tracing::instrument(name = "peer_sflake::auth_refresh_jwt", skip_all)]
     fn refresh_jwt(&mut self) -> anyhow::Result<()> {
         let private_key_jwt: EncodingKey = EncodingKey::from_rsa_der(
-            EncodeRsaPrivateKey::to_pkcs1_der(&self.private_key)?.as_bytes(),
+            self.private_key.to_pkcs8_der()?.as_bytes(),
         );
         self.last_refreshed = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs();
         info!(