aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/handlers.rs33
-rw-r--r--src/lib.rs42
-rw-r--r--src/schema.rs1
3 files changed, 24 insertions, 52 deletions
diff --git a/src/handlers.rs b/src/handlers.rs
index 251d970..5273324 100644
--- a/src/handlers.rs
+++ b/src/handlers.rs
@@ -7,6 +7,7 @@ use block_modes::{BlockMode, Cbc};
7use chrono::Utc; 7use chrono::Utc;
8use jsonwebtoken::errors::ErrorKind; 8use jsonwebtoken::errors::ErrorKind;
9use jsonwebtoken::{decode, Algorithm, DecodingKey, TokenData, Validation}; 9use jsonwebtoken::{decode, Algorithm, DecodingKey, TokenData, Validation};
10use lazy_static::lazy_static;
10use log::{debug, warn}; 11use log::{debug, warn};
11use md5::Md5; 12use md5::Md5;
12use parking_lot::RwLockUpgradableReadGuard; 13use parking_lot::RwLockUpgradableReadGuard;
@@ -55,6 +56,21 @@ use crate::schema::{
55 56
56const BEARER: &str = "Bearer "; 57const BEARER: &str = "Bearer ";
57 58
59lazy_static! {
60 static ref DER_ENCODED: String = PRIVATE_KEY
61 .lines()
62 .filter(|line| !line.starts_with('-'))
63 .fold(String::new(), |mut data, line| {
64 data.push_str(&line);
65 data
66 });
67
68 // base64(der(pem))
69 // Our private key is saved in PEM (base64) format
70 static ref DER_BYTES: Vec<u8> = base64::decode(&*DER_ENCODED).expect("failed to decode base64 content");
71 static ref GRADECOIN_PRIVATE_KEY: RSAPrivateKey = RSAPrivateKey::from_pkcs1(&DER_BYTES).expect("failed to parse key");
72}
73
58/// POST request to /register endpoint 74/// POST request to /register endpoint
59/// 75///
60/// Lets a [`User`] (=student) to authenticate themselves to the system 76/// Lets a [`User`] (=student) to authenticate themselves to the system
@@ -100,21 +116,6 @@ pub async fn authenticate_user(
100 // In essence PEM files are just base64 encoded versions of the DER encoded data. 116 // In essence PEM files are just base64 encoded versions of the DER encoded data.
101 // ~tls.mbed.org 117 // ~tls.mbed.org
102 118
103 // TODO: lazyload or something <14-04-21, yigit> //
104 // Load our RSA Private Key as DER
105 let der_encoded = PRIVATE_KEY
106 .lines()
107 .filter(|line| !line.starts_with('-'))
108 .fold(String::new(), |mut data, line| {
109 data.push_str(&line);
110 data
111 });
112
113 // base64(der(pem))
114 // Our private key is saved in PEM (base64) format
115 let der_bytes = base64::decode(&der_encoded).expect("failed to decode base64 content");
116 let gradecoin_private_key = RSAPrivateKey::from_pkcs1(&der_bytes).expect("failed to parse key");
117
118 let padding = PaddingScheme::new_oaep::<sha2::Sha256>(); 119 let padding = PaddingScheme::new_oaep::<sha2::Sha256>();
119 120
120 // Peel away the base64 layer from "key" field 121 // Peel away the base64 layer from "key" field
@@ -139,7 +140,7 @@ pub async fn authenticate_user(
139 }; 140 };
140 141
141 // Decrypt the "key" field using Gradecoin's private key 142 // Decrypt the "key" field using Gradecoin's private key
142 let temp_key = match gradecoin_private_key.decrypt(padding, &key_ciphertext) { 143 let temp_key = match GRADECOIN_PRIVATE_KEY.decrypt(padding, &key_ciphertext) {
143 Ok(k) => k, 144 Ok(k) => k,
144 Err(err) => { 145 Err(err) => {
145 debug!( 146 debug!(
diff --git a/src/lib.rs b/src/lib.rs
index 5442c6b..c335ae9 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -26,40 +26,10 @@ pub mod handlers;
26pub mod routes; 26pub mod routes;
27pub mod schema; 27pub mod schema;
28 28
29pub const PRIVATE_KEY: &str = "-----BEGIN RSA PRIVATE KEY----- 29use lazy_static::lazy_static;
30MIIEogIBAAKCAQEAyGuqiCPGcguy+Y9TH7Bl7XlEsalyqb9bYlzpbV0dnqZ3lPkE 30use std::fs;
31PkuOhkN+GcuiV6iXtSwyh7nB+xTRXKJFRUBO/jbN8jfcxVwBu0JxjF3v1YRBxbOH
32hz2A295mbKD9xHQCKxkfYBNkUXxj8gd+GaDvQiSW5NdrX/lEkvqfGtdEX1m2+Hdc
33G0+3YW24Xg0znhCwLr+sorLuJaDy9Xa0Uo+DPWGC5s001U/BxkCIWJ+eJQCb7Bv+
349vXb8BGRK/ecMb/fb6h5O+8fgB64RCHMgcc2v+Q/dPt8kHX1OJdMuYUrUJGACppM
35QY3W6e1HdlRIBcZKL2LMZ2CrIB/2D5LiJhPThQIDAQABAoIBABbHrg1lS5QA4mnd
36MYyDh0JTq0wqP18t4dwvRVTp5Yj30NW87A+MlPmLyFR0QdKG1h+Ak4m7wmGgfx9x
37TkBNy+y3G/dxBAXmrEe1iKR0tOLm8nbfLgNgKTpUb/3e2pkuumRdqaRI7/kXE2Ea
38Guoc0bUJ5aDDH3A8K+As3lK1rw7LNxwxZdmqmpO+EAldP6NaLnXNP5BegjLK50xP
39NXTDNx6pw+I2ZHHwC/A6+QVksSA6zPipI1poANaO0frHffwKhcEZ/VucuXlJGGq/
40aqXT/cc7IkKUVq8EZUwUqHi4SrnyDDq/mtuikSD0MazxumbeC6fBKRP98Kavy2rT
41JItHSYECgYEA8H/yC9GDrR1bwBesD0pKdKBy18UMFQF3BrB04OjqdGzugdVafF4e
427azYQQTQ0ZddLDvgYl0QYvQaZfv26L7o4VrN5XEg8WjUWKuww8XUYOCfPn4gOFL1
43ar8nQ0w3P65gYf/rw0rFMo3eB78rJMROYnG8nZ/3OdgQjVaYPJxFKmECgYEA1VZy
44EQz8dHK3+F0EfQIFeXOSlYGUegmPZ9iYmh+yvW/zWKLYdXBEHNhAIRlBmfe7Yhj6
451FNluNGjFqZYuRnP0RuiBxt2RCd+AL90Lqq+O6jem4XNgr3cOKoaV0FbaU49sI4s
46/B6iiYBFdVuPBiknz+Wf1KEF9lQ+w2VYSLucY6UCgYAWPe73ste3sehjWo0aGOfL
47427bj6ivZKRKZRVaG5BbVhu0vDOTHu1DU+HoGXbqe1ItnhgBYNP8ItEyL1xFaCqH
48dOtn1c+TI/vHe5FseaZLk1qG4AlAzENQLP+HlMvjQtA9H/sA47BbHY20L7TgwJrz
49NcuY1Et7+QSG3cRUjqtC4QKBgGuP+VUVehfwW0dzBrdMlJwGpGqS+dyKA271awOS
50ZdlTn5saCA82OnFcqwDFLilGGYk9VQJGxivoLtVVq7gwBnLE/u2ccAWu773KyfZZ
51ii6kVxCM5vA7b9R2F2/U+RTgKQRiutWnUIYJUXv5XORbTcJpYSugwFPRaA+2gkux
52pAktAoGABRyVs5LOhQ/oeXe2H2kvuaUq9c7f/dTtnyMNdNxK0uZcQn4jcB2eK9kB
53PDYHM9dfQ8xn51U0fTeaXjy/8Km8fyX2Jtxntlm6puyhSTJ8AX+FEgJkC4ajNEvA
54mJ1Gsy2fXKUyyZdI2b74MLqOpzr9cvS60tmTIScuiHFzg/SJgiA=
55-----END RSA PRIVATE KEY-----";
56 31
57pub const PUB_KEY: &str = "-----BEGIN PUBLIC KEY----- 32lazy_static! {
58MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGuqiCPGcguy+Y9TH7Bl 33 static ref PRIVATE_KEY: String =
597XlEsalyqb9bYlzpbV0dnqZ3lPkEPkuOhkN+GcuiV6iXtSwyh7nB+xTRXKJFRUBO 34 fs::read_to_string("secrets/gradecoin.pem").expect("error reading 'secrets/gradecoin.pem'");
60/jbN8jfcxVwBu0JxjF3v1YRBxbOHhz2A295mbKD9xHQCKxkfYBNkUXxj8gd+GaDv 35}
61QiSW5NdrX/lEkvqfGtdEX1m2+HdcG0+3YW24Xg0znhCwLr+sorLuJaDy9Xa0Uo+D
62PWGC5s001U/BxkCIWJ+eJQCb7Bv+9vXb8BGRK/ecMb/fb6h5O+8fgB64RCHMgcc2
63v+Q/dPt8kHX1OJdMuYUrUJGACppMQY3W6e1HdlRIBcZKL2LMZ2CrIB/2D5LiJhPT
64hQIDAQAB
65-----END PUBLIC KEY-----";
diff --git a/src/schema.rs b/src/schema.rs
index 77e22c1..bbd4628 100644
--- a/src/schema.rs
+++ b/src/schema.rs
@@ -315,6 +315,7 @@ pub struct InitialAuthRequest {
315 pub key: String, 315 pub key: String,
316} 316}
317 317
318// Students who are authorized to have Gradecoin accounts
318lazy_static! { 319lazy_static! {
319 static ref OUR_STUDENTS: HashSet<(&'static str, &'static str)> = { 320 static ref OUR_STUDENTS: HashSet<(&'static str, &'static str)> = {
320 [ 321 [