replace openssl dependency with pem #272

Closed
wants to merge 1 commit into from
14 changes: 13 additions & 1 deletion Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 2 additions & 3 deletions Cargo.toml
Expand Up @@ -36,7 +36,7 @@ memcached-rs = { version = "0.1" , optional = true }
native-tls = "0.1"
num_cpus = "1.0"
number_prefix = "0.2.5"
openssl = { version = "0.9", optional = true }
pem = "0.5.0"
redis = { version = "0.8.0", optional = true }
regex = "0.2"
retry = "0.4.0"
Expand Down Expand Up @@ -84,12 +84,11 @@ mio-named-pipes = "0.1"
[features]
default = ["s3"]
all = ["redis", "s3", "memcached", "gcs", "azure"]
# gcs requires openssl, which is a pain on Windows.
all-windows = ["redis", "s3", "memcached", "azure"]
azure = ["chrono", "hyper", "hyper-tls", "rust-crypto"]
s3 = ["chrono", "hyper", "hyper-tls", "rust-crypto", "simple-s3"]
simple-s3 = []
gcs = ["chrono", "hyper", "hyper-tls", "jsonwebtoken", "openssl", "url"]
gcs = ["chrono", "hyper", "hyper-tls", "jsonwebtoken", "url"]
memcached = ["memcached-rs"]
# Enable features that require unstable features of Nightly Rust.
unstable = []
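Review bot: `pem = "0.5.0"` is added as an unconditional dependency, while the `openssl` entry it replaces was `optional = true` and only enabled through the `gcs` feature. Going by the files shown on this page, the crate's only use is the `pem::parse` call in src/cache/gcs.rs, so builds without `gcs` now compile a PEM parser they never call. I would keep the old shape: `pem = { version = "0.5.0", optional = true }` together with `gcs = ["chrono", "hyper", "hyper-tls", "jsonwebtoken", "pem", "url"]`. The same gating is missing on `use pem;` and `Pem(pem::Error);` in src/errors.rs and on `extern crate pem;` in src/lib.rs, which would each need `#[cfg(feature = "pem")]` as the openssl lines had. The Cargo.lock diff is not rendered here, so what `pem` pulls in transitively (13 added lock lines) should be checked in that file.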
8 changes: 4 additions & 4 deletions src/cache/gcs.rs
Expand Up @@ -34,7 +34,7 @@ use hyper::Method;
use hyper::client::{Client, HttpConnector, Request};
use hyper_tls::HttpsConnector;
use jwt;
use openssl;
use pem;
use serde_json;
use tokio_core::reactor::Handle;
use url::form_urlencoded;
Expand Down Expand Up @@ -229,14 +229,14 @@ impl GCSCredentialProvider {
issued_at: chrono::UTC::now().timestamp(),
};

let binary_key = openssl::rsa::Rsa::private_key_from_pem(
let pem_cert = pem::parse(
self.sa_key.private_key.as_bytes()
)?.private_key_to_der()?;
)?;

let auth_request_jwt = jwt::encode(
&jwt::Header::new(jwt::Algorithm::RS256),
&jwt_claims,
&binary_key,
&pem_cert.contents,
Contributor


It looks to me like the private key is never converted to DER format, like it was above.

Contributor


Or is that just the same as decoding the base64 to binary?

Collaborator

@drahnr drahnr Nov 9, 2018


@fxb that's right (assuming you stripped the --- BEGIN... ---END.. pre/post ambles first), there is a good overview at https://knowledge.digicert.com/generalinformation/INFO4448.html about the differences.

)?;

Ok(auth_request_jwt)
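Review bot: `pem::parse` accepts any well-formed PEM block, and the new code hands `pem_cert.contents` to `jwt::encode` without looking at the block's tag. The tag is the only thing that says what structure the decoded bytes hold, so a service-account file carrying a certificate or an unexpected key wrapping would surface only as an opaque signing error. I would check the tag before the `jwt::encode` call and return an error that names it, e.g. `if pem_cert.tag != EXPECTED_KEY_TAG { /* return an error naming the tag */ }` (`EXPECTED_KEY_TAG` is a placeholder; which tags the signer accepts depends on the jsonwebtoken version and should be pinned by a test that uses a key in the real service-account format). The binding holds a private key, not a certificate, so `pem_key` would be a more accurate name than `pem_cert`. The enclosing method of `impl GCSCredentialProvider` starts and ends outside this hunk.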
5 changes: 2 additions & 3 deletions src/errors.rs
Expand Up @@ -30,8 +30,7 @@ use lru_disk_cache;
#[cfg(feature = "memcached")]
use memcached;
use native_tls;
#[cfg(feature = "openssl")]
use openssl;
use pem;
use serde_json;
#[cfg(feature = "redis")]
use redis;
Expand All @@ -44,7 +43,7 @@ error_chain! {
Lru(lru_disk_cache::Error);
Json(serde_json::Error);
Jwt(jwt::errors::Error) #[cfg(feature = "jsonwebtoken")];
Openssl(openssl::error::ErrorStack) #[cfg(feature = "openssl")];
Pem(pem::Error);
Bincode(bincode::Error);
Memcached(memcached::proto::Error) #[cfg(feature = "memcached")];
Redis(redis::RedisError) #[cfg(feature = "redis")];
3 changes: 1 addition & 2 deletions src/lib.rs
Expand Up @@ -58,8 +58,7 @@ extern crate mio_named_pipes;
extern crate native_tls;
extern crate num_cpus;
extern crate number_prefix;
#[cfg(feature = "openssl")]
extern crate openssl;
extern crate pem;
extern crate ring;
#[cfg(feature = "redis")]
extern crate redis;