From 4f2ebd74e8e182abc78e8bc24d7e56faf9ad0e13 Mon Sep 17 00:00:00 2001
From: aumetra
Date: Tue, 20 Feb 2024 19:51:20 +0100
Subject: [PATCH] update easy api

---
 lib/http-signatures/Cargo.toml | 2 +-
 lib/http-signatures/src/cavage/easy.rs | 16 +++++++++-------
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/lib/http-signatures/Cargo.toml b/lib/http-signatures/Cargo.toml
index 0fcf80018..5d47522ca 100644
--- a/lib/http-signatures/Cargo.toml
+++ b/lib/http-signatures/Cargo.toml
@@ -29,7 +29,7 @@ itertools = { version = "0.12.1", default-features = false }
 logos = "0.14.0"
 miette = "7.1.0"
 pkcs8 = { version = "0.10.2", features = ["pem", "std"] }
-ring = "0.17.7"
+ring = { version = "0.17.7", features = ["std"] }
 thiserror = "1.0.57"
 tracing = { version = "0.1.40", default-features = false, optional = true }

diff --git a/lib/http-signatures/src/cavage/easy.rs b/lib/http-signatures/src/cavage/easy.rs
index 7a154cee5..8bbaff0f6 100644
--- a/lib/http-signatures/src/cavage/easy.rs
+++ b/lib/http-signatures/src/cavage/easy.rs
@@ -5,7 +5,7 @@
 //!

 use super::SafetyCheckError;
-use crate::{cavage::SignatureHeader, crypto::SigningKey, BoxError, SIGNATURE_HEADER};
+use crate::{cavage::SignatureHeader, BoxError, SIGNATURE_HEADER};
 use http::{header::DATE, HeaderValue, Method};
 use std::{future::Future, time::SystemTime};
 use thiserror::Error;
@@ -59,16 +59,17 @@ pub enum Error {
 }

 /// Sign an HTTP request using the provided signing key using opinionated defaults
+///
+/// The key parameter has to be an PEM-encoded private key in the PKCS#8 format
+///
+/// This will fail if the key algorithm is unsupported. For a list of supported algorithms, check [`crate::crypto::parse::private_key`]
 #[inline]
 #[instrument(skip_all)]
-pub async fn sign(
+pub async fn sign(
 mut req: http::Request,
 key_id: &str,
- key: SK,
-) -> Result, Error>
-where
- SK: SigningKey + Send + 'static,
-{
+ key: &str,
+) -> Result, Error> {
 // First, set/overwrite the `Date` header
 let date_header_value =
 HeaderValue::from_str(&httpdate::fmt_http_date(SystemTime::now())).unwrap();
@@ -90,6 +91,7 @@ where

 debug_assert!(super::is_safe(&req, &signature_header).is_ok());

+ let key = crate::crypto::parse::private_key(key)?;
 let signature_string = super::signature_string::construct(&req, &signature_header)?;
 let signature =
 blowocking::crypto(move || crate::crypto::sign(signature_string.as_bytes(), &key)).await?;
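Review bot: The added doc comment on `sign` reads "an PEM-encoded" and states the failure mode in free prose, so rustdoc shows no `# Errors` section for a function that now fails on caller-supplied key text. Suggested wording: `/// The key parameter has to be a PEM-encoded private key in the PKCS#8 format`, with a `/// # Errors` heading placed above the "This will fail…" sentence. Because `key` is now raw private-key material on every call, it would also help to note in a comment that `#[instrument(skip_all)]` is what keeps it out of trace spans, so a later change to that attribute does not start recording it. The function body runs past the end of this hunk.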
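Review bot: The added `crate::crypto::parse::private_key(key)?` runs on the async task, on every call and only after the request headers have been rewritten, while just the signing step is handed to `blowocking::crypto`. Decoding the PEM/PKCS#8 text (plus whatever key validation the parser does, which this hunk does not show) is then repeated per request on the executor, and a malformed key is reported late. Parsing as the first statement of `sign` would fail fast; alternatively copy the string with `let key = key.to_owned();` and call `crate::crypto::parse::private_key(&key)` inside the closure, if the closure's error type can carry the parse error. Callers that sign many requests with one key may also want a variant that accepts an already-parsed key, which this commit removes. `sign` begins in the previous hunk and continues after this one.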