From cd7e3b89004f557787bcc0c3947f098b260952fa Mon Sep 17 00:00:00 2001 From: Zhen Lu Date: Mon, 17 Jun 2024 12:10:04 -0700 Subject: [PATCH] Fix RSA signing (#49) --- lightspark/CHANGELOG.md | 3 ++ lightspark/Cargo.toml | 2 +- lightspark/README.md | 4 +- lightspark/examples/osk_test.rs | 73 +++++++++++++++++++++++++++++++++ lightspark/src/crypto.rs | 5 ++- lightspark/src/lib.rs | 2 +- 6 files changed, 83 insertions(+), 6 deletions(-) create mode 100644 lightspark/examples/osk_test.rs diff --git a/lightspark/CHANGELOG.md b/lightspark/CHANGELOG.md index 4861d35..9eec30a 100644 --- a/lightspark/CHANGELOG.md +++ b/lightspark/CHANGELOG.md @@ -1,5 +1,8 @@ # Changelog +# v0.9.2 +- RSA signing should be PSS signatures. + # v0.9.1 - Fix a signing issue with RSA keys. diff --git a/lightspark/Cargo.toml b/lightspark/Cargo.toml index 533270a..0ef1491 100644 --- a/lightspark/Cargo.toml +++ b/lightspark/Cargo.toml @@ -2,7 +2,7 @@ name = "lightspark" description = "Lightspark Rust SDK" authors = ["Lightspark Group, Inc. "] -version = "0.9.1" +version = "0.9.2" edition = "2021" documentation = "https://docs.lightspark.com/lightspark-sdk/getting-started?language=Rust" homepage = "https://www.lightspark.com/" diff --git a/lightspark/README.md b/lightspark/README.md index df913bd..1b58237 100644 --- a/lightspark/README.md +++ b/lightspark/README.md @@ -1,8 +1,8 @@ -# Lightspark Rust SDK - v0.9.1 +# Lightspark Rust SDK - v0.9.2 The Lightspark Rust SDK provides a convenient way to interact with the Lightspark services from applications written in the Rust language. -***WARNING: This SDK is in version 0.9.1 (active development). It means that its APIs may not be fully stable. Please expect that changes to the APIs may happen until we move to v1.0.0.*** +***WARNING: This SDK is in version 0.9.2 (active development). It means that its APIs may not be fully stable. Please expect that changes to the APIs may happen until we move to v1.0.0.*** ## Documentation diff --git a/lightspark/examples/osk_test.rs b/lightspark/examples/osk_test.rs new file mode 100644 index 0000000..05c1bac --- /dev/null +++ b/lightspark/examples/osk_test.rs @@ -0,0 +1,73 @@ +use lightspark::{ + client::LightsparkClient, key::RSASigningKey, request::auth_provider::AccountAuthProvider, +}; + +async fn create_invoice() { + let api_id = std::env::var("LIGHTSPARK_API_CLIENT_ID").unwrap(); + let api_token = std::env::var("LIGHTSPARK_API_CLIENT_SECRET").unwrap(); + let endpoint = std::env::var("LIGHTSPARK_API_ENDPOINT").unwrap(); + + let auth = AccountAuthProvider::new(api_id.to_string(), api_token.to_string()); + let mut client = LightsparkClient::::new(auth).unwrap(); + client.requester.set_base_url(Some(endpoint)); + + let node_id = std::env::var("LIGHTSPARK_NODE_ID").unwrap(); + + let password = std::env::var("LIGHTSPARK_NODE_PASSWORD").unwrap(); + let _ = client.recover_node_signing_key(&node_id, &password).await; + + println!("API ID: {:?}", api_id); + println!("API Token: {:?}", api_token); + println!("Node ID: {:?}", node_id); + + let account = client.get_current_account().await.unwrap(); + println!("Account: {:?}", account.name); + + let invoice = client.create_invoice(&node_id, 10000, None, None).await; + let payment_request = invoice.unwrap().data.encoded_payment_request; + println!("Invoice created: {:?}", payment_request); + + let response = client + .create_test_mode_payment(&node_id, &payment_request, None) + .await; + println!("Payment response: {:?}", response.unwrap().id); +} + +async fn test_payment() { + let api_id = std::env::var("LIGHTSPARK_API_CLIENT_ID").unwrap(); + let api_token = std::env::var("LIGHTSPARK_API_CLIENT_SECRET").unwrap(); + let endpoint = std::env::var("LIGHTSPARK_API_ENDPOINT").unwrap(); + + let auth = AccountAuthProvider::new(api_id.to_string(), api_token.to_string()); + let mut client = LightsparkClient::::new(auth).unwrap(); + client.requester.set_base_url(Some(endpoint)); + + let node_id = std::env::var("LIGHTSPARK_NODE_ID").unwrap(); + + let password = std::env::var("LIGHTSPARK_NODE_PASSWORD").unwrap(); + let _ = client.recover_node_signing_key(&node_id, &password).await; + + println!("API ID: {:?}", api_id); + println!("API Token: {:?}", api_token); + println!("Node ID: {:?}", node_id); + + let account = client.get_current_account().await.unwrap(); + println!("Account: {:?}", account.name); + + let invoice = client + .create_test_mode_invoice(&node_id, 10000, Some("test"), None) + .await; + let payment_request = invoice.unwrap().replace('\"', ""); + println!("Invoice created: {:?}", payment_request); + + let response = client + .pay_invoice(&node_id, &payment_request, 100, None, 1000) + .await; + println!("Payment response: {:?}", response.unwrap().id); +} + +#[tokio::main] +async fn main() { + create_invoice().await; + test_payment().await; +} diff --git a/lightspark/src/crypto.rs b/lightspark/src/crypto.rs index eb58cdf..aa2aab6 100644 --- a/lightspark/src/crypto.rs +++ b/lightspark/src/crypto.rs @@ -8,9 +8,10 @@ use cbc::cipher::block_padding::Pkcs7; use cbc::cipher::{BlockDecryptMut, KeyIvInit}; use pbkdf2::pbkdf2_hmac; use rand::RngCore; +use rsa::pss::BlindedSigningKey; use rsa::sha2::Sha256; use rsa::signature::{RandomizedSigner, SignatureEncoding}; -use rsa::{pkcs1v15::SigningKey, pkcs8::DecodePrivateKey, RsaPrivateKey}; +use rsa::{pkcs8::DecodePrivateKey, RsaPrivateKey}; use serde_json::{json, Error, Value}; const KEY_LEN: usize = 32; @@ -156,7 +157,7 @@ pub fn sign_payload(payload: &[u8], signing_key: &[u8]) -> Result::new(key); + let signing_key = BlindedSigningKey::::new(key); let mut rng = rand::thread_rng(); let signature = signing_key.sign_with_rng(&mut rng, payload); diff --git a/lightspark/src/lib.rs b/lightspark/src/lib.rs index 4ede19f..5cfb631 100644 --- a/lightspark/src/lib.rs +++ b/lightspark/src/lib.rs @@ -28,7 +28,7 @@ //! See more examples in examples/example.rs //! /// The version of this library. -pub const VERSION: &str = "0.9.1"; +pub const VERSION: &str = "0.9.2"; #[cfg(feature = "client")] pub mod client;