Remove direct dependency on pkcs1/pkcs8 (#853)
Refactoring while attempting to remove pkcs1 to get around
https://people.redhat.com/~hkario/marvin
serprex authored Dec 19, 2023
1 parent 8e15e28 commit 77dea98
Showing 3 changed files with 14 additions and 18 deletions.
18 changes: 8 additions & 10 deletions nexus/Cargo.lock


4 changes: 1 addition & 3 deletions nexus/peer-snowflake/Cargo.toml
Expand Up @@ -20,9 +20,7 @@ dashmap = "5.0"
pgwire = "0.17"
sha2 = "0.10"
pt = { path = "../pt" }
pkcs8 = { version = "0.10.2", features = ["std", "pem", "encryption"] }
pkcs1 = "0.7.5"
rsa = "0.9.2"
rsa = { version = "0.9.2", features = ["pem", "pkcs5"] }
serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
futures = "0.3"
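Review bot: The line `rsa = { version = "0.9.2", features = ["pem", "pkcs5"] }` keeps `rsa` as a direct dependency, so if the timing issue behind the linked Marvin page lies in the RSA private-key operations rather than in the encoding crates, dropping the direct `pkcs1`/`pkcs8` entries does not take the affected code out of the build, and a dependency audit will presumably keep reporting it. The feature list also carries no explanation; I would add a comment above it such as `# pkcs5: encrypted PKCS#8 private keys (replaces pkcs8's "encryption"); pem: PEM parsing via rsa::pkcs1 / rsa::pkcs8`. As far as I know `pem` is already in rsa's default features, so listing it only matters if `default-features = false` is added later. The manifest continues past this hunk, so other entries that pull in `pkcs1`/`pkcs8` transitively are not visible here.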
10 changes: 5 additions & 5 deletions nexus/peer-snowflake/src/auth.rs
Expand Up @@ -6,9 +6,9 @@ use std::{
use anyhow::Context;
use base64::prelude::{Engine as _, BASE64_STANDARD};
use jsonwebtoken::{encode as jwt_encode, Algorithm, EncodingKey, Header};
use pkcs1::EncodeRsaPrivateKey;
use pkcs8::{DecodePrivateKey, EncodePublicKey};
use rsa::{RsaPrivateKey, RsaPublicKey};
use rsa::RsaPrivateKey;
use rsa::pkcs1::EncodeRsaPrivateKey;
use rsa::pkcs8::{DecodePrivateKey, EncodePublicKey};
use secrecy::{Secret, SecretString};
use serde::Serialize;
use sha2::{Digest, Sha256};
Expand Down Expand Up @@ -91,7 +91,7 @@ impl SnowflakeAuth {

#[tracing::instrument(name = "peer_sflake::gen_public_key_fp", skip_all)]
fn gen_public_key_fp(private_key: &RsaPrivateKey) -> anyhow::Result<String> {
let public_key = EncodePublicKey::to_public_key_der(&RsaPublicKey::from(private_key))?;
let public_key = private_key.to_public_key().to_public_key_der()?;
let res = format!(
"SHA256:{}",
BASE64_STANDARD.encode(Sha256::new_with_prefix(public_key.as_bytes()).finalize())
Expand All @@ -102,7 +102,7 @@ impl SnowflakeAuth {
#[tracing::instrument(name = "peer_sflake::auth_refresh_jwt", skip_all)]
fn refresh_jwt(&mut self) -> anyhow::Result<()> {
let private_key_jwt: EncodingKey = EncodingKey::from_rsa_der(
EncodeRsaPrivateKey::to_pkcs1_der(&self.private_key)?.as_bytes(),
self.private_key.to_pkcs1_der()?.as_bytes(),
);
self.last_refreshed = SystemTime::now().duration_since(UNIX_EPOCH)?.as_secs();
info!(
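Review bot: In `refresh_jwt`, `self.private_key.to_pkcs1_der()?.as_bytes()` re-serialises the RSA private key on every token refresh and passes the bytes to `EncodingKey::from_rsa_der`, so each refresh creates another in-memory copy of the key material. The DER temporary is dropped at the end of the statement, but whether `EncodingKey` wipes its own copy on drop is not visible here and should be checked. If the key does not change between refreshes, building the `EncodingKey` once where `private_key` is loaded and storing it on the struct would avoid the repeated encoding. A short comment such as `// PKCS#1 DER copy of the private key; temporary is dropped at the end of this statement` would at least record the intent. `refresh_jwt` and `gen_public_key_fp` both continue outside the visible hunks, so this rests only on the lines shown.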
