Diffstat (limited to 'src/handlers.rs')
-rw-r--r-- | src/handlers.rs | 33 |
1 files changed, 17 insertions, 16 deletions
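--- a/src/handlers.rs
+++ b/src/handlers.rs
@@ -7,6 +7,7 @@ use block_modes::{BlockMode, Cbc};
 use chrono::Utc;
 use jsonwebtoken::errors::ErrorKind;
 use jsonwebtoken::{decode, Algorithm, DecodingKey, TokenData, Validation};
+use lazy_static::lazy_static;
 use log::{debug, warn};
 use md5::Md5;
 use parking_lot::RwLockUpgradableReadGuard;
@@ -55,6 +56,21 @@ use crate::schema::{
 
 const BEARER: &str = "Bearer ";
 
+lazy_static! {
+static ref DER_ENCODED: String = PRIVATE_KEY
+.lines()
+.filter(|line| !line.starts_with('-'))
+.fold(String::new(), |mut data, line| {
+data.push_str(&line);
+data
+});
+
+// base64(der(pem))
+// Our private key is saved in PEM (base64) format
+static ref DER_BYTES: Vec<u8> = base64::decode(&*DER_ENCODED).expect("failed to decode base64 content");
+static ref GRADECOIN_PRIVATE_KEY: RSAPrivateKey = RSAPrivateKey::from_pkcs1(&DER_BYTES).expect("failed to parse key");
+}
+
 /// POST request to /register endpoint
 ///
 /// Lets a [`User`] (=student) to authenticate themselves to the system
@@ -100,21 +116,6 @@ pub async fn authenticate_user(
 // In essence PEM files are just base64 encoded versions of the DER encoded data.
 // ~tls.mbed.org
 
-// TODO: lazyload or something <14-04-21, yigit> //
-// Load our RSA Private Key as DER
-let der_encoded = PRIVATE_KEY
-.lines()
-.filter(|line| !line.starts_with('-'))
-.fold(String::new(), |mut data, line| {
-data.push_str(&line);
-data
-});
-
-// base64(der(pem))
-// Our private key is saved in PEM (base64) format
-let der_bytes = base64::decode(&der_encoded).expect("failed to decode base64 content");
-let gradecoin_private_key = RSAPrivateKey::from_pkcs1(&der_bytes).expect("failed to parse key");
-
 let padding = PaddingScheme::new_oaep::<sha2::Sha256>();
 
 // Peel away the base64 layer from "key" field
@@ -139,7 +140,7 @@ pub async fn authenticate_user(
 };
 
 // Decrypt the "key" field using Gradecoin's private key
-let temp_key = match gradecoin_private_key.decrypt(padding, &key_ciphertext) {
+let temp_key = match GRADECOIN_PRIVATE_KEY.decrypt(padding, &key_ciphertext) {
 Ok(k) => k,
 Err(err) => {
 debug!(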
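Review bot: The new `lazy_static!` block keeps `DER_ENCODED` and `DER_BYTES` as process-lifetime statics, so two extra copies of the private key material (base64 text and raw DER) now stay resident next to the parsed `GRADECOIN_PRIVATE_KEY`. The removed per-request locals were at least dropped when the handler returned. In the visible hunks only the parsed key is read, so a single static with a block initializer would keep the intermediates as temporaries (dropped, though not zeroized). The two `expect` calls also still run inside the request path, on first use, and a panic during initialization poisons the static for later requests. Calling `lazy_static::initialize(&GRADECOIN_PRIVATE_KEY);` during startup, which is outside this diff, would make a malformed key fail at boot instead.

```rust
lazy_static! {
    // Parsed once; the base64 text and DER bytes live only inside this initializer.
    static ref GRADECOIN_PRIVATE_KEY: RSAPrivateKey = {
        // Strip the PEM armor lines and join the base64 body.
        let der_encoded: String = PRIVATE_KEY
            .lines()
            .filter(|line| !line.starts_with('-'))
            .collect();
        let der_bytes = base64::decode(&der_encoded).expect("failed to decode base64 content");
        RSAPrivateKey::from_pkcs1(&der_bytes).expect("failed to parse key")
    };
}
```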