diff --git a/Cargo.lock b/Cargo.lock index 04ae34b..df23ece 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -714,7 +714,7 @@ dependencies = [ "libflate", "md5", "mime", - "openssl", + "pem", "rand 0.9.1", "reqwest", "rsa", @@ -1409,9 +1409,9 @@ checksum = "c9627da5196e5d8ed0b0495e61e518847578da83483c37288316d9b2e03a7f72" [[package]] name = "libsqlite3-sys" -version = "0.33.0" +version = "0.35.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "947e6816f7825b2b45027c2c32e7085da9934defa535de4a6a46b10a4d5257fa" +checksum = "133c182a6a2c87864fe97778797e46c7e999672690dc9fa3ee8e241aa4a9c13f" dependencies = [ "cc", "pkg-config", @@ -1465,9 +1465,9 @@ checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94" [[package]] name = "md5" -version = "0.7.0" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "490cc448043f947bae3cbee9c203358d62dbee0db12107a74be5c30ccfd09771" +checksum = "ae960838283323069879657ca3de837e9f7bbb4c7bf6ea7f1b290d5e9476d2e0" [[package]] name = "memchr" @@ -1619,15 +1619,6 @@ version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" -[[package]] -name = "openssl-src" -version = "300.5.0+3.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e8ce546f549326b0e6052b649198487d91320875da901e7bd11a06d1ee3f9c2f" -dependencies = [ - "cc", -] - [[package]] name = "openssl-sys" version = "0.9.108" @@ -1636,7 +1627,6 @@ checksum = "e145e1651e858e820e4860f7b9c5e169bc1d8ce1c86043be79fa7b7634821847" dependencies = [ "cc", "libc", - "openssl-src", "pkg-config", "vcpkg", ] @@ -1664,6 +1654,16 @@ dependencies = [ "windows-targets 0.52.6", ] +[[package]] +name = "pem" +version = "3.0.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d30c53c26bc5b31a98cd02d20f25a7c8567146caf63ed593a9d87b2775291be" +dependencies = [ + "base64", + "serde_core", +] + [[package]] name = "pem-rfc7468" version = "0.7.0" @@ -1962,6 +1962,7 @@ dependencies = [ "pkcs1", "pkcs8", "rand_core 0.6.4", + "sha1", "signature", "spki", "subtle", @@ -1970,9 +1971,9 @@ dependencies = [ [[package]] name = "rusqlite" -version = "0.35.0" +version = "0.37.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a22715a5d6deef63c637207afbe68d0c72c3f8d0022d7cf9714c442d6157606b" +checksum = "165ca6e57b20e1351573e3729b958bc62f0e48025386970b6e4d29e7a7e71f3f" dependencies = [ "bitflags", "fallible-iterator", @@ -2092,18 +2093,28 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.219" +version = "1.0.228" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5f0e2c6ed6606019b4e29e69dbaba95b11854410e5347d525002456dbbb786b6" +checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e" +dependencies = [ + "serde_core", + "serde_derive", +] + +[[package]] +name = "serde_core" +version = "1.0.228" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.219" +version = "1.0.228" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b0276cf7f2c73365f7157c8123c21cd9a50fbbd844757af28ca1f5925fc2a00" +checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79" dependencies = [ "proc-macro2", "quote", diff --git a/Cargo.toml b/Cargo.toml index d46db11..93a0f02 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -5,8 +5,7 @@ edition = "2024" [dependencies] actix-web = { version = "4.10.2" } -rusqlite = { version = "0.35.0", features = ["bundled"] } -openssl = { version = "0.10", features = ["vendored"] } +rusqlite = { version = "0.37.0", features = ["bundled"] } reqwest = { version = "0.12", features = ["blocking"] } clap = { version = "4.5.37", features = ["derive"]} base64 = "0.22.1" @@ -16,12 +15,12 @@ lazy_static = "1.5.0" chrono = "0.4.41" hex = "0.4.3" hmac = "0.12.1" -md5 = "0.7.0" +md5 = "0.8.0" urlencoding = "2.1.3" sha1 = "0.10.6" substring = "1.4.5" uuid = { version = "1.16.0", features = ["v7"] } -rsa = "0.9.8" +rsa = { version = "0.9.8", features = ["sha1"] } mime = "0.3.17" sha2 = "0.10.9" include-flate-codegen = "0.3.0" @@ -30,3 +29,4 @@ serde_json = "1.0.140" serde = { version = "1.0.219", features = ["derive"] } cbc = { version = "0.1.2", features = ["alloc"] } aes = "0.8.4" +pem = "3.0.6" diff --git a/src/router/gree.rs b/src/router/gree.rs index 2586171..ed79a72 100644 --- a/src/router/gree.rs +++ b/src/router/gree.rs @@ -8,10 +8,9 @@ use hmac::{Hmac, Mac}; use rusqlite::params; use lazy_static::lazy_static; -use openssl::pkey::PKey; -use openssl::rsa::Rsa; -use openssl::hash::MessageDigest; -use openssl::sign::Verifier; +use sha1::Digest; +use rsa::{RsaPublicKey, Pkcs1v15Sign}; +use rsa::pkcs8::DecodePublicKey; use crate::router::global; use crate::router::userdata; @@ -56,19 +55,14 @@ fn create_acc(cert: &str) -> String { uuid } -fn verify_signature(signature: &[u8], message: &[u8], public_key: &[u8]) -> bool { - let rsa_public_key = match Rsa::public_key_from_pem(public_key) { - Ok(key) => key, - Err(_) => return false, - }; - let pkey = match PKey::from_rsa(rsa_public_key) { - Ok(pkey) => pkey, - Err(_) => return false, - }; - let mut verifier = Verifier::new(MessageDigest::sha1(), &pkey).unwrap(); - verifier.update(message).unwrap(); +fn verify_signature(signature: &[u8], message: &[u8], public_key: &str) -> bool { + let pem = pem::parse(public_key).unwrap(); + let public_key = RsaPublicKey::from_public_key_der(&pem.contents()).unwrap(); + let digest = Sha1::digest(message); - verifier.verify(signature).is_ok() + public_key + .verify(Pkcs1v15Sign::new::(), &digest, signature) + .is_ok() } pub fn delete_uuid(user_id: i64) { @@ -97,7 +91,7 @@ pub fn get_uuid(headers: &HeaderMap, body: &str) -> String { let decoded = general_purpose::STANDARD.decode(login).unwrap_or_default(); - if verify_signature(&decoded, encoded.as_bytes(), cert.as_bytes()) { + if verify_signature(&decoded, encoded.as_bytes(), &cert) { DATABASE.lock_and_select("SELECT uuid FROM users WHERE user_id=?1;", params!(uid)).unwrap() } else { String::new()