48 lines
1.7 KiB
Rust
48 lines
1.7 KiB
Rust
use base64::{decode_config, encode_config, URL_SAFE};
|
|
use openssl::hash::MessageDigest;
|
|
use openssl::memcmp;
|
|
use openssl::pkey::PKey;
|
|
use openssl::rsa::Rsa;
|
|
use openssl::sign::{Signer, Verifier};
|
|
|
|
pub fn sign(data: &str, key: &[u8], digest: MessageDigest) -> String {
|
|
let secret_key = PKey::hmac(key).unwrap();
|
|
|
|
let mut signer = Signer::new(digest, &secret_key).unwrap();
|
|
signer.update(data.as_bytes()).unwrap();
|
|
|
|
let mac = signer.finish().unwrap();
|
|
encode_config(&mac, URL_SAFE)
|
|
}
|
|
|
|
pub fn sign_rsa(data: &str, key: &[u8], digest: MessageDigest) -> String {
|
|
let private_key = Rsa::private_key_from_pem(key).unwrap();
|
|
let pkey = PKey::from_rsa(private_key).unwrap();
|
|
|
|
let mut signer = Signer::new(digest, &pkey).unwrap();
|
|
signer.update(data.as_bytes()).unwrap();
|
|
let sig = signer.finish().unwrap();
|
|
encode_config(&sig, URL_SAFE)
|
|
}
|
|
|
|
pub fn verify(target: &str, data: &str, key: &[u8], digest: MessageDigest) -> bool {
|
|
let target_bytes: Vec<u8> = decode_config(target, URL_SAFE).unwrap();
|
|
let secret_key = PKey::hmac(key).unwrap();
|
|
|
|
let mut signer = Signer::new(digest, &secret_key).unwrap();
|
|
signer.update(data.as_bytes()).unwrap();
|
|
|
|
let mac = signer.finish().unwrap();
|
|
|
|
memcmp::eq(&mac, &target_bytes)
|
|
}
|
|
|
|
pub fn verify_rsa(signature: &str, data: &str, key: &[u8], digest: MessageDigest) -> bool {
|
|
let signature_bytes: Vec<u8> = decode_config(signature, URL_SAFE).unwrap();
|
|
let public_key = Rsa::public_key_from_pem(key).unwrap();
|
|
let pkey = PKey::from_rsa(public_key).unwrap();
|
|
let mut verifier = Verifier::new(digest, &pkey).unwrap();
|
|
verifier.update(data.as_bytes()).unwrap();
|
|
verifier.finish(&signature_bytes).unwrap()
|
|
}
|