From 2aa4a82499d4becd2284cdb482213d541b8804dd Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 28 Apr 2024 16:29:10 +0200 Subject: Adding upstream version 86.0.1. Signed-off-by: Daniel Baumann --- third_party/rust/hawk/src/bewit.rs | 212 ++++++ third_party/rust/hawk/src/credentials.rs | 61 ++ third_party/rust/hawk/src/crypto/holder.rs | 52 ++ third_party/rust/hawk/src/crypto/mod.rs | 83 +++ third_party/rust/hawk/src/crypto/openssl.rs | 98 +++ third_party/rust/hawk/src/crypto/ring.rs | 99 +++ third_party/rust/hawk/src/error.rs | 70 ++ third_party/rust/hawk/src/header.rs | 498 ++++++++++++++ third_party/rust/hawk/src/lib.rs | 173 +++++ third_party/rust/hawk/src/mac.rs | 200 ++++++ third_party/rust/hawk/src/payload.rs | 87 +++ third_party/rust/hawk/src/request.rs | 974 ++++++++++++++++++++++++++++ third_party/rust/hawk/src/response.rs | 320 +++++++++ 13 files changed, 2927 insertions(+) create mode 100644 third_party/rust/hawk/src/bewit.rs create mode 100644 third_party/rust/hawk/src/credentials.rs create mode 100644 third_party/rust/hawk/src/crypto/holder.rs create mode 100644 third_party/rust/hawk/src/crypto/mod.rs create mode 100644 third_party/rust/hawk/src/crypto/openssl.rs create mode 100644 third_party/rust/hawk/src/crypto/ring.rs create mode 100644 third_party/rust/hawk/src/error.rs create mode 100644 third_party/rust/hawk/src/header.rs create mode 100644 third_party/rust/hawk/src/lib.rs create mode 100644 third_party/rust/hawk/src/mac.rs create mode 100644 third_party/rust/hawk/src/payload.rs create mode 100644 third_party/rust/hawk/src/request.rs create mode 100644 third_party/rust/hawk/src/response.rs (limited to 'third_party/rust/hawk/src') diff --git a/third_party/rust/hawk/src/bewit.rs b/third_party/rust/hawk/src/bewit.rs new file mode 100644 index 0000000000..ea3db202a3 --- /dev/null +++ b/third_party/rust/hawk/src/bewit.rs @@ -0,0 +1,212 @@ +use crate::error::*; +use crate::mac::Mac; +use std::borrow::Cow; +use std::str; +use std::str::FromStr; +use std::time::{Duration, SystemTime, UNIX_EPOCH}; + +/// A Bewit is a piece of data attached to a GET request that functions in place of a Hawk +/// Authentication header. It contains an id, a timestamp, a MAC, and an optional `ext` value. +/// These are available using accessor functions. +#[derive(Clone, Debug, PartialEq)] +pub struct Bewit<'a> { + id: Cow<'a, str>, + exp: SystemTime, + mac: Cow<'a, Mac>, + ext: Option>, +} + +impl<'a> Bewit<'a> { + /// Create a new Bewit with the given values. + /// + /// See Request.make_bewit for an easier way to make a Bewit + pub fn new(id: &'a str, exp: SystemTime, mac: Mac, ext: Option<&'a str>) -> Bewit<'a> { + Bewit { + id: Cow::Borrowed(id), + exp, + mac: Cow::Owned(mac), + ext: match ext { + Some(s) => Some(Cow::Borrowed(s)), + None => None, + }, + } + } + + /// Generate the fully-encoded string for this Bewit + pub fn to_str(&self) -> String { + use base64::display::Base64Display; + let raw = format!( + "{}\\{}\\{}\\{}", + self.id, + self.exp + .duration_since(UNIX_EPOCH) + .unwrap_or_default() + .as_secs(), + Base64Display::with_config(self.mac.as_ref(), base64::STANDARD), + match self.ext { + Some(ref cow) => cow.as_ref(), + None => "", + } + ); + + base64::encode_config(&raw, base64::URL_SAFE_NO_PAD) + } + + /// Get the Bewit's client identifier + pub fn id(&self) -> &str { + self.id.as_ref() + } + + /// Get the expiration time of the bewit + pub fn exp(&self) -> SystemTime { + self.exp + } + + /// Get the MAC included in the Bewit + pub fn mac(&self) -> &Mac { + self.mac.as_ref() + } + + /// Get the Bewit's `ext` field. + pub fn ext(&self) -> Option<&str> { + match self.ext { + Some(ref cow) => Some(cow.as_ref()), + None => None, + } + } +} + +const BACKSLASH: u8 = b'\\'; + +impl<'a> FromStr for Bewit<'a> { + type Err = Error; + fn from_str(bewit: &str) -> Result> { + let bewit = base64::decode(bewit)?; + + let parts: Vec<&[u8]> = bewit.split(|c| *c == BACKSLASH).collect(); + if parts.len() != 4 { + return Err(InvalidBewit::Format.into()); + } + + let id = String::from_utf8(parts[0].to_vec()).map_err(|_| InvalidBewit::Id)?; + + let exp = str::from_utf8(parts[1]).map_err(|_| InvalidBewit::Exp)?; + let exp = u64::from_str(exp).map_err(|_| InvalidBewit::Exp)?; + let exp = UNIX_EPOCH + Duration::new(exp, 0); + + let mac = str::from_utf8(parts[2]).map_err(|_| InvalidBewit::Mac)?; + let mac = Mac::from(base64::decode(mac).map_err(|_| InvalidBewit::Mac)?); + + let ext = match parts[3].len() { + 0 => None, + _ => Some(Cow::Owned( + String::from_utf8(parts[3].to_vec()).map_err(|_| InvalidBewit::Ext)?, + )), + }; + + Ok(Bewit { + id: Cow::Owned(id), + exp, + mac: Cow::Owned(mac), + ext, + }) + } +} + +#[cfg(all(test, any(feature = "use_ring", feature = "use_openssl")))] +mod test { + use super::*; + use crate::credentials::Key; + use crate::mac::{Mac, MacType}; + use std::str::FromStr; + + const BEWIT_STR: &str = + "bWVcMTM1MzgzMjgzNFxmaXk0ZTV3QmRhcEROeEhIZUExOE5yU3JVMVUzaVM2NmdtMFhqVEpwWXlVPVw"; + const BEWIT_WITH_EXT_STR: &str = + "bWVcMTM1MzgzMjgzNFxmaXk0ZTV3QmRhcEROeEhIZUExOE5yU3JVMVUzaVM2NmdtMFhqVEpwWXlVPVxhYmNk"; + + fn make_mac() -> Mac { + let key = Key::new( + vec![ + 11u8, 19, 228, 209, 79, 189, 200, 59, 166, 47, 86, 254, 235, 184, 120, 197, 75, + 152, 201, 79, 115, 61, 111, 242, 219, 187, 173, 14, 227, 108, 60, 232, + ], + crate::DigestAlgorithm::Sha256, + ) + .unwrap(); + Mac::new( + MacType::Header, + &key, + UNIX_EPOCH + Duration::new(1353832834, 100), + "nonny", + "POST", + "mysite.com", + 443, + "/v1/api", + None, + None, + ) + .unwrap() + } + + #[test] + fn test_to_str() { + let bewit = Bewit::new( + "me", + UNIX_EPOCH + Duration::new(1353832834, 0), + make_mac(), + None, + ); + assert_eq!(bewit.to_str(), BEWIT_STR); + let bewit = Bewit::new( + "me", + UNIX_EPOCH + Duration::new(1353832834, 0), + make_mac(), + Some("abcd"), + ); + assert_eq!(bewit.to_str(), BEWIT_WITH_EXT_STR); + } + + #[test] + fn test_accessors() { + let bewit = Bewit::from_str(BEWIT_STR).unwrap(); + assert_eq!(bewit.id(), "me"); + assert_eq!(bewit.exp(), UNIX_EPOCH + Duration::new(1353832834, 0)); + assert_eq!(bewit.mac(), &make_mac()); + assert_eq!(bewit.ext(), None); + } + + #[test] + fn test_from_str_invalid_base64() { + assert!(Bewit::from_str("!/==").is_err()); + } + + #[test] + fn test_from_str_invalid_too_many_parts() { + let bewit = base64::encode(&"a\\123\\abc\\ext\\WHUT?".as_bytes()); + assert!(Bewit::from_str(&bewit).is_err()); + } + + #[test] + fn test_from_str_invalid_too_few_parts() { + let bewit = base64::encode(&"a\\123\\abc".as_bytes()); + assert!(Bewit::from_str(&bewit).is_err()); + } + + #[test] + fn test_from_str_invalid_not_utf8() { + let a = 'a' as u8; + let one = '1' as u8; + let slash = '\\' as u8; + let invalid1 = 0u8; + let invalid2 = 159u8; + let bewit = base64::encode(&[invalid1, invalid2, slash, one, slash, a, slash, a]); + assert!(Bewit::from_str(&bewit).is_err()); + let bewit = base64::encode(&[a, slash, invalid1, invalid2, slash, a, slash, a]); + assert!(Bewit::from_str(&bewit).is_err()); + let bewit = base64::encode(&[a, slash, one, slash, invalid1, invalid2, slash, a]); + assert!(Bewit::from_str(&bewit).is_err()); + let bewit = base64::encode(&[a, slash, one, slash, a, slash, invalid1, invalid2]); + assert!(Bewit::from_str(&bewit).is_err()); + } +} diff --git a/third_party/rust/hawk/src/credentials.rs b/third_party/rust/hawk/src/credentials.rs new file mode 100644 index 0000000000..ec2c5025a4 --- /dev/null +++ b/third_party/rust/hawk/src/credentials.rs @@ -0,0 +1,61 @@ +use crate::crypto::{self, HmacKey}; + +#[derive(Clone, Copy, PartialEq, PartialOrd, Eq, Ord, Hash, Debug)] +pub enum DigestAlgorithm { + Sha256, + Sha384, + Sha512, + // Indicate that this isn't an enum that anyone should match on, and that we + // reserve the right to add to this enumeration without making a major + // version bump. Once https://github.com/rust-lang/rfcs/blob/master/text/2008-non-exhaustive.md + // is stabilized, that should be used instead. + #[doc(hidden)] + _Nonexhaustive, +} + +/// Hawk key. +/// +/// While any sequence of bytes can be specified as a key, note that each digest algorithm has +/// a suggested key length, and that passwords should *not* be used as keys. Keys of incorrect +/// length are handled according to the digest's implementation. +pub struct Key(Box); + +impl Key { + pub fn new(key: B, algorithm: DigestAlgorithm) -> crate::Result + where + B: AsRef<[u8]>, + { + Ok(Key(crypto::new_key(algorithm, key.as_ref())?)) + } + + pub fn sign(&self, data: &[u8]) -> crate::Result> { + Ok(self.0.sign(data)?) + } +} + +/// Hawk credentials: an ID and a key associated with that ID. The digest algorithm +/// must be agreed between the server and the client, and the length of the key is +/// specific to that algorithm. +pub struct Credentials { + pub id: String, + pub key: Key, +} + +#[cfg(all(test, any(feature = "use_ring", feature = "use_openssl")))] +mod test { + use super::*; + + #[test] + fn test_new_sha256() { + let key = vec![77u8; 32]; + // hmac::SigningKey doesn't allow any visibilty inside, so we just build the + // key and assume it works.. + Key::new(key, DigestAlgorithm::Sha256).unwrap(); + } + + #[test] + fn test_new_sha256_bad_length() { + let key = vec![0u8; 99]; + Key::new(key, DigestAlgorithm::Sha256).unwrap(); + } +} diff --git a/third_party/rust/hawk/src/crypto/holder.rs b/third_party/rust/hawk/src/crypto/holder.rs new file mode 100644 index 0000000000..c99332d745 --- /dev/null +++ b/third_party/rust/hawk/src/crypto/holder.rs @@ -0,0 +1,52 @@ +use super::Cryptographer; +use once_cell::sync::OnceCell; + +static CRYPTOGRAPHER: OnceCell<&'static dyn Cryptographer> = OnceCell::new(); + +#[derive(Debug, thiserror::Error)] +#[error("Cryptographer already initialized")] +pub struct SetCryptographerError(()); + +/// Sets the global object that will be used for cryptographic operations. +/// +/// This is a convenience wrapper over [`set_cryptographer`], +/// but takes a `Box` instead. +#[cfg(not(any(feature = "use_ring", feature = "use_openssl")))] +pub fn set_boxed_cryptographer(c: Box) -> Result<(), SetCryptographerError> { + // Just leak the Box. It wouldn't be freed as a `static` anyway, and we + // never allow this to be re-assigned (so it's not a meaningful memory leak). + set_cryptographer(Box::leak(c)) +} + +/// Sets the global object that will be used for cryptographic operations. +/// +/// This function may only be called once in the lifetime of a program. +/// +/// Any calls into this crate that perform cryptography prior to calling this +/// function will panic. +pub fn set_cryptographer(c: &'static dyn Cryptographer) -> Result<(), SetCryptographerError> { + CRYPTOGRAPHER.set(c).map_err(|_| SetCryptographerError(())) +} + +pub(crate) fn get_crypographer() -> &'static dyn Cryptographer { + autoinit_crypto(); + *CRYPTOGRAPHER + .get() + .expect("`hawk` cryptographer not initialized!") +} + +#[cfg(feature = "use_ring")] +#[inline] +fn autoinit_crypto() { + let _ = set_cryptographer(&super::ring::RingCryptographer); +} + +#[cfg(feature = "use_openssl")] +#[inline] +fn autoinit_crypto() { + let _ = set_cryptographer(&super::openssl::OpensslCryptographer); +} + +#[cfg(not(any(feature = "use_openssl", feature = "use_ring")))] +#[inline] +fn autoinit_crypto() {} diff --git a/third_party/rust/hawk/src/crypto/mod.rs b/third_party/rust/hawk/src/crypto/mod.rs new file mode 100644 index 0000000000..ef2243a48d --- /dev/null +++ b/third_party/rust/hawk/src/crypto/mod.rs @@ -0,0 +1,83 @@ +//! `hawk` must perform certain cryptographic operations in order to function, +//! and applications may need control over which library is used for these. +//! +//! This module can be used for that purpose. If you do not care, this crate can +//! be configured so that a default implementation is provided based on either +//! `ring` or `openssl` (via the `use_ring` and `use_openssl` features respectively). +//! +//! Should you need something custom, then you can provide it by implementing +//! [`Cryptographer`] and using the [`set_cryptographer`] or +//! [`set_boxed_cryptographer`] functions. +use crate::DigestAlgorithm; + +pub(crate) mod holder; +pub(crate) use holder::get_crypographer; + +#[cfg(feature = "use_openssl")] +mod openssl; +#[cfg(feature = "use_ring")] +mod ring; + +#[cfg(not(any(feature = "use_ring", feature = "use_openssl")))] +pub use self::holder::{set_boxed_cryptographer, set_cryptographer}; + +#[derive(Debug, thiserror::Error)] +pub enum CryptoError { + /// The configured cryptographer does not support the digest algorithm + /// specified. This should only happen for custom `Cryptographer` implementations + #[error("Digest algorithm {0:?} is unsupported by this Cryptographer")] + UnsupportedDigest(DigestAlgorithm), + + /// The configured cryptographer implementation failed to perform an + /// operation in some way. + #[error("{0}")] + Other(#[source] anyhow::Error), +} + +/// A trait encapsulating the cryptographic operations required by this library. +/// +/// If you use this library with either the `use_ring` or `use_openssl` features enabled, +/// then you do not have to worry about this. +pub trait Cryptographer: Send + Sync + 'static { + fn rand_bytes(&self, output: &mut [u8]) -> Result<(), CryptoError>; + fn new_key( + &self, + algorithm: DigestAlgorithm, + key: &[u8], + ) -> Result, CryptoError>; + fn new_hasher(&self, algo: DigestAlgorithm) -> Result, CryptoError>; + fn constant_time_compare(&self, a: &[u8], b: &[u8]) -> bool; +} + +/// Type-erased hmac key type. +pub trait HmacKey: Send + Sync + 'static { + fn sign(&self, data: &[u8]) -> Result, CryptoError>; +} + +/// Type-erased hash context type. +pub trait Hasher: Send + Sync + 'static { + fn update(&mut self, data: &[u8]) -> Result<(), CryptoError>; + // Note: this would take by move but that's not object safe :( + fn finish(&mut self) -> Result, CryptoError>; +} + +// For convenience + +pub(crate) fn rand_bytes(buffer: &mut [u8]) -> Result<(), CryptoError> { + get_crypographer().rand_bytes(buffer) +} + +pub(crate) fn new_key( + algorithm: DigestAlgorithm, + key: &[u8], +) -> Result, CryptoError> { + get_crypographer().new_key(algorithm, key) +} + +pub(crate) fn constant_time_compare(a: &[u8], b: &[u8]) -> bool { + get_crypographer().constant_time_compare(a, b) +} + +pub(crate) fn new_hasher(algorithm: DigestAlgorithm) -> Result, CryptoError> { + Ok(get_crypographer().new_hasher(algorithm)?) +} diff --git a/third_party/rust/hawk/src/crypto/openssl.rs b/third_party/rust/hawk/src/crypto/openssl.rs new file mode 100644 index 0000000000..b925ee9f5e --- /dev/null +++ b/third_party/rust/hawk/src/crypto/openssl.rs @@ -0,0 +1,98 @@ +use super::{CryptoError, Cryptographer, Hasher, HmacKey}; +use crate::DigestAlgorithm; +use std::convert::{TryFrom, TryInto}; + +use openssl::error::ErrorStack; +use openssl::hash::MessageDigest; +use openssl::pkey::{PKey, Private}; +use openssl::sign::Signer; + +impl From for CryptoError { + fn from(e: ErrorStack) -> Self { + CryptoError::Other(e.into()) + } +} + +pub struct OpensslCryptographer; + +struct OpensslHmacKey { + key: PKey, + digest: MessageDigest, +} + +impl HmacKey for OpensslHmacKey { + fn sign(&self, data: &[u8]) -> Result, CryptoError> { + let mut hmac_signer = Signer::new(self.digest, &self.key)?; + hmac_signer.update(&data)?; + let digest = hmac_signer.sign_to_vec()?; + let mut mac = vec![0; self.digest.size()]; + mac.clone_from_slice(digest.as_ref()); + Ok(mac) + } +} + +// This is always `Some` until `finish` is called. +struct OpensslHasher(Option); + +impl Hasher for OpensslHasher { + fn update(&mut self, data: &[u8]) -> Result<(), CryptoError> { + self.0 + .as_mut() + .expect("update called after `finish`") + .update(data)?; + Ok(()) + } + + fn finish(&mut self) -> Result, CryptoError> { + let digest = self.0.take().expect("`finish` called twice").finish()?; + let bytes: &[u8] = digest.as_ref(); + Ok(bytes.to_owned()) + } +} + +impl Cryptographer for OpensslCryptographer { + fn rand_bytes(&self, output: &mut [u8]) -> Result<(), CryptoError> { + openssl::rand::rand_bytes(output)?; + Ok(()) + } + + fn new_key( + &self, + algorithm: DigestAlgorithm, + key: &[u8], + ) -> Result, CryptoError> { + let digest = algorithm.try_into()?; + Ok(Box::new(OpensslHmacKey { + key: PKey::hmac(key)?, + digest, + })) + } + + fn constant_time_compare(&self, a: &[u8], b: &[u8]) -> bool { + // openssl::memcmp::eq panics if the lengths are not the same. ring + // returns `Err` (and notes in the docs that it is not constant time if + // the lengths are not the same). We make this behave like ring. + if a.len() != b.len() { + false + } else { + openssl::memcmp::eq(a, b) + } + } + + fn new_hasher(&self, algorithm: DigestAlgorithm) -> Result, CryptoError> { + let ctx = openssl::hash::Hasher::new(algorithm.try_into()?)?; + Ok(Box::new(OpensslHasher(Some(ctx)))) + } +} + +impl TryFrom for MessageDigest { + type Error = CryptoError; + fn try_from(algorithm: DigestAlgorithm) -> Result { + match algorithm { + DigestAlgorithm::Sha256 => Ok(MessageDigest::sha256()), + DigestAlgorithm::Sha384 => Ok(MessageDigest::sha384()), + DigestAlgorithm::Sha512 => Ok(MessageDigest::sha512()), + algo => Err(CryptoError::UnsupportedDigest(algo)), + } + } +} diff --git a/third_party/rust/hawk/src/crypto/ring.rs b/third_party/rust/hawk/src/crypto/ring.rs new file mode 100644 index 0000000000..6721b9352c --- /dev/null +++ b/third_party/rust/hawk/src/crypto/ring.rs @@ -0,0 +1,99 @@ +use super::{CryptoError, Cryptographer, Hasher, HmacKey}; +use crate::DigestAlgorithm; +use ring::{digest, hmac}; +use std::convert::{TryFrom, TryInto}; + +impl From for CryptoError { + // Ring's errors are entirely opaque + fn from(_: ring::error::Unspecified) -> Self { + CryptoError::Other(anyhow::Error::msg("Unspecified ring error")) + } +} + +impl From for CryptoError { + fn from(_: std::convert::Infallible) -> Self { + unreachable!() + } +} + +pub struct RingCryptographer; + +struct RingHmacKey(hmac::Key); + +impl HmacKey for RingHmacKey { + fn sign(&self, data: &[u8]) -> Result, CryptoError> { + let digest = hmac::sign(&self.0, data); + let mut mac = vec![0; self.0.algorithm().digest_algorithm().output_len]; + mac.copy_from_slice(digest.as_ref()); + Ok(mac) + } +} +// This is always `Some` until `finish` is called. +struct RingHasher(Option); + +impl Hasher for RingHasher { + fn update(&mut self, data: &[u8]) -> Result<(), CryptoError> { + self.0 + .as_mut() + .expect("update called after `finish`") + .update(data); + Ok(()) + } + + fn finish(&mut self) -> Result, CryptoError> { + let digest = self.0.take().expect("`finish` called twice").finish(); + let bytes: &[u8] = digest.as_ref(); + Ok(bytes.to_owned()) + } +} + +impl Cryptographer for RingCryptographer { + fn rand_bytes(&self, output: &mut [u8]) -> Result<(), CryptoError> { + use ring::rand::SecureRandom; + let rnd = ring::rand::SystemRandom::new(); + rnd.fill(output)?; + Ok(()) + } + + fn new_key( + &self, + algorithm: DigestAlgorithm, + key: &[u8], + ) -> Result, CryptoError> { + let k = hmac::Key::new(algorithm.try_into()?, key); + Ok(Box::new(RingHmacKey(k))) + } + + fn constant_time_compare(&self, a: &[u8], b: &[u8]) -> bool { + ring::constant_time::verify_slices_are_equal(a, b).is_ok() + } + + fn new_hasher(&self, algorithm: DigestAlgorithm) -> Result, CryptoError> { + let ctx = digest::Context::new(algorithm.try_into()?); + Ok(Box::new(RingHasher(Some(ctx)))) + } +} + +impl TryFrom for &'static digest::Algorithm { + type Error = CryptoError; + fn try_from(algorithm: DigestAlgorithm) -> Result { + match algorithm { + DigestAlgorithm::Sha256 => Ok(&digest::SHA256), + DigestAlgorithm::Sha384 => Ok(&digest::SHA384), + DigestAlgorithm::Sha512 => Ok(&digest::SHA512), + algo => Err(CryptoError::UnsupportedDigest(algo)), + } + } +} + +impl TryFrom for hmac::Algorithm { + type Error = CryptoError; + fn try_from(algorithm: DigestAlgorithm) -> Result { + match algorithm { + DigestAlgorithm::Sha256 => Ok(hmac::HMAC_SHA256), + DigestAlgorithm::Sha384 => Ok(hmac::HMAC_SHA384), + DigestAlgorithm::Sha512 => Ok(hmac::HMAC_SHA512), + algo => Err(CryptoError::UnsupportedDigest(algo)), + } + } +} diff --git a/third_party/rust/hawk/src/error.rs b/third_party/rust/hawk/src/error.rs new file mode 100644 index 0000000000..96884d430f --- /dev/null +++ b/third_party/rust/hawk/src/error.rs @@ -0,0 +1,70 @@ +use crate::crypto::CryptoError; + +pub type Result = std::result::Result; + +#[derive(thiserror::Error, Debug)] +pub enum Error { + #[error("Unparseable Hawk header: {0}")] + HeaderParseError(String), + + #[error("Invalid url: {0}")] + InvalidUrl(String), + + #[error("Missing `ts` attribute in Hawk header")] + MissingTs, + + #[error("Missing `nonce` attribute in Hawk header")] + MissingNonce, + + #[error("{0}")] + InvalidBewit(#[source] InvalidBewit), + + #[error("{0}")] + Io(#[source] std::io::Error), + + #[error("Base64 Decode error: {0}")] + Decode(#[source] base64::DecodeError), + + #[error("Crypto error: {0}")] + Crypto(#[source] CryptoError), +} + +#[derive(thiserror::Error, Debug, PartialEq)] +pub enum InvalidBewit { + #[error("Multiple bewits in URL")] + Multiple, + #[error("Invalid bewit format")] + Format, + #[error("Invalid bewit id")] + Id, + #[error("Invalid bewit exp")] + Exp, + #[error("Invalid bewit mac")] + Mac, + #[error("Invalid bewit ext")] + Ext, +} + +impl From for Error { + fn from(e: base64::DecodeError) -> Self { + Error::Decode(e) + } +} + +impl From for Error { + fn from(e: std::io::Error) -> Self { + Error::Io(e) + } +} + +impl From for Error { + fn from(e: CryptoError) -> Self { + Error::Crypto(e) + } +} + +impl From for Error { + fn from(e: InvalidBewit) -> Self { + Error::InvalidBewit(e) + } +} diff --git a/third_party/rust/hawk/src/header.rs b/third_party/rust/hawk/src/header.rs new file mode 100644 index 0000000000..910a202e83 --- /dev/null +++ b/third_party/rust/hawk/src/header.rs @@ -0,0 +1,498 @@ +use crate::error::*; +use crate::mac::Mac; +use base64::display::Base64Display; +use std::fmt; +use std::str::FromStr; +use std::time::{Duration, SystemTime, UNIX_EPOCH}; +/// Representation of a Hawk `Authorization` header value (the part following "Hawk "). +/// +/// Headers can be derived from strings using the `FromStr` trait, and formatted into a +/// string using the `fmt_header` method. +/// +/// All fields are optional, although for specific purposes some fields must be present. +#[derive(Clone, PartialEq, Debug)] +pub struct Header { + pub id: Option, + pub ts: Option, + pub nonce: Option, + pub mac: Option, + pub ext: Option, + pub hash: Option>, + pub app: Option, + pub dlg: Option, +} + +impl Header { + /// Create a new Header with the full set of Hawk fields. + /// + /// This is a low-level function. Headers are more often created from Requests or Responses. + /// + /// Note that none of the string-formatted header components can contain the character `\"`. + pub fn new( + id: Option, + ts: Option, + nonce: Option, + mac: Option, + ext: Option, + hash: Option>, + app: Option, + dlg: Option, + ) -> Result
+ where + S: Into, + { + Ok(Header { + id: Header::check_component(id)?, + ts, + nonce: Header::check_component(nonce)?, + mac, + ext: Header::check_component(ext)?, + hash, + app: Header::check_component(app)?, + dlg: Header::check_component(dlg)?, + }) + } + + /// Check a header component for validity. + fn check_component(value: Option) -> Result> + where + S: Into, + { + if let Some(value) = value { + let value = value.into(); + if value.contains('\"') { + return Err(Error::HeaderParseError( + "Hawk headers cannot contain `\\`".into(), + )); + } + Ok(Some(value)) + } else { + Ok(None) + } + } + + /// Format the header for transmission in an Authorization header, omitting the `"Hawk "` + /// prefix. + pub fn fmt_header(&self, f: &mut fmt::Formatter) -> fmt::Result { + let mut sep = ""; + if let Some(ref id) = self.id { + write!(f, "{}id=\"{}\"", sep, id)?; + sep = ", "; + } + if let Some(ref ts) = self.ts { + write!( + f, + "{}ts=\"{}\"", + sep, + ts.duration_since(UNIX_EPOCH).unwrap_or_default().as_secs() + )?; + sep = ", "; + } + if let Some(ref nonce) = self.nonce { + write!(f, "{}nonce=\"{}\"", sep, nonce)?; + sep = ", "; + } + if let Some(ref mac) = self.mac { + write!( + f, + "{}mac=\"{}\"", + sep, + Base64Display::with_config(mac, base64::STANDARD) + )?; + sep = ", "; + } + if let Some(ref ext) = self.ext { + write!(f, "{}ext=\"{}\"", sep, ext)?; + sep = ", "; + } + if let Some(ref hash) = self.hash { + write!( + f, + "{}hash=\"{}\"", + sep, + Base64Display::with_config(hash, base64::STANDARD) + )?; + sep = ", "; + } + if let Some(ref app) = self.app { + write!(f, "{}app=\"{}\"", sep, app)?; + sep = ", "; + } + if let Some(ref dlg) = self.dlg { + write!(f, "{}dlg=\"{}\"", sep, dlg)?; + } + Ok(()) + } +} + +impl fmt::Display for Header { + fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { + self.fmt_header(f) + } +} + +impl FromStr for Header { + type Err = Error; + fn from_str(s: &str) -> Result
{ + let mut p = &s[..]; + + // Required attributes + let mut id: Option<&str> = None; + let mut ts: Option = None; + let mut nonce: Option<&str> = None; + let mut mac: Option> = None; + // Optional attributes + let mut hash: Option> = None; + let mut ext: Option<&str> = None; + let mut app: Option<&str> = None; + let mut dlg: Option<&str> = None; + + while !p.is_empty() { + // Skip whitespace and commas used as separators + p = p.trim_start_matches(|c| c == ',' || char::is_whitespace(c)); + // Find first '=' which delimits attribute name from value + let assign_end = p + .find('=') + .ok_or_else(|| Error::HeaderParseError("Expected '='".into()))?; + let attr = &p[..assign_end].trim(); + if p.len() < assign_end + 1 { + return Err(Error::HeaderParseError( + "Missing right hand side of =".into(), + )); + } + p = (&p[assign_end + 1..]).trim_start(); + if !p.starts_with('\"') { + return Err(Error::HeaderParseError("Expected opening quote".into())); + } + p = &p[1..]; + // We have poor RFC 7235 compliance here as we ought to support backslash + // escaped characters, but hawk doesn't allow this we won't either. All + // strings must be surrounded by ".." and contain no such characters. + let end = p.find('\"'); + let val_end = + end.ok_or_else(|| Error::HeaderParseError("Expected closing quote".into()))?; + let val = &p[..val_end]; + match *attr { + "id" => id = Some(val), + "ts" => { + let epoch = u64::from_str(val) + .map_err(|_| Error::HeaderParseError("Error parsing `ts` field".into()))?; + ts = Some(UNIX_EPOCH + Duration::new(epoch, 0)); + } + "mac" => { + mac = Some(base64::decode(val).map_err(|_| { + Error::HeaderParseError("Error parsing `mac` field".into()) + })?); + } + "nonce" => nonce = Some(val), + "ext" => ext = Some(val), + "hash" => { + hash = Some(base64::decode(val).map_err(|_| { + Error::HeaderParseError("Error parsing `hash` field".into()) + })?); + } + "app" => app = Some(val), + "dlg" => dlg = Some(val), + _ => { + return Err(Error::HeaderParseError(format!( + "Invalid Hawk field {}", + *attr + ))) + } + }; + // Break if we are at end of string, otherwise skip separator + if p.len() < val_end + 1 { + break; + } + p = p[val_end + 1..].trim_start(); + } + + Ok(Header { + id: match id { + Some(id) => Some(id.to_string()), + None => None, + }, + ts, + nonce: match nonce { + Some(nonce) => Some(nonce.to_string()), + None => None, + }, + mac: match mac { + Some(mac) => Some(Mac::from(mac)), + None => None, + }, + ext: match ext { + Some(ext) => Some(ext.to_string()), + None => None, + }, + hash, + app: match app { + Some(app) => Some(app.to_string()), + None => None, + }, + dlg: match dlg { + Some(dlg) => Some(dlg.to_string()), + None => None, + }, + }) + } +} + +#[cfg(test)] +mod test { + use super::Header; + use crate::mac::Mac; + use std::str::FromStr; + use std::time::{Duration, UNIX_EPOCH}; + + #[test] + fn illegal_id() { + assert!(Header::new( + Some("ab\"cdef"), + Some(UNIX_EPOCH + Duration::new(1234, 0)), + Some("nonce"), + Some(Mac::from(vec![])), + Some("ext"), + None, + None, + None + ) + .is_err()); + } + + #[test] + fn illegal_nonce() { + assert!(Header::new( + Some("abcdef"), + Some(UNIX_EPOCH + Duration::new(1234, 0)), + Some("no\"nce"), + Some(Mac::from(vec![])), + Some("ext"), + None, + None, + None + ) + .is_err()); + } + + #[test] + fn illegal_ext() { + assert!(Header::new( + Some("abcdef"), + Some(UNIX_EPOCH + Duration::new(1234, 0)), + Some("nonce"), + Some(Mac::from(vec![])), + Some("ex\"t"), + None, + None, + None + ) + .is_err()); + } + + #[test] + fn illegal_app() { + assert!(Header::new( + Some("abcdef"), + Some(UNIX_EPOCH + Duration::new(1234, 0)), + Some("nonce"), + Some(Mac::from(vec![])), + None, + None, + Some("a\"pp"), + None + ) + .is_err()); + } + + #[test] + fn illegal_dlg() { + assert!(Header::new( + Some("abcdef"), + Some(UNIX_EPOCH + Duration::new(1234, 0)), + Some("nonce"), + Some(Mac::from(vec![])), + None, + None, + None, + Some("d\"lg") + ) + .is_err()); + } + + #[test] + fn from_str() { + let s = Header::from_str( + "id=\"dh37fgj492je\", ts=\"1353832234\", \ + nonce=\"j4h3g2\", ext=\"some-app-ext-data\", \ + mac=\"6R4rV5iE+NPoym+WwjeHzjAGXUtLNIxmo1vpMofpLAE=\", \ + hash=\"6R4rV5iE+NPoym+WwjeHzjAGXUtLNIxmo1vpMofpLAE=\", \ + app=\"my-app\", dlg=\"my-authority\"", + ) + .unwrap(); + assert!(s.id == Some("dh37fgj492je".to_string())); + assert!(s.ts == Some(UNIX_EPOCH + Duration::new(1353832234, 0))); + assert!(s.nonce == Some("j4h3g2".to_string())); + assert!( + s.mac + == Some(Mac::from(vec![ + 233, 30, 43, 87, 152, 132, 248, 211, 232, 202, 111, 150, 194, 55, 135, 206, 48, + 6, 93, 75, 75, 52, 140, 102, 163, 91, 233, 50, 135, 233, 44, 1 + ])) + ); + assert!(s.ext == Some("some-app-ext-data".to_string())); + assert!(s.app == Some("my-app".to_string())); + assert!(s.dlg == Some("my-authority".to_string())); + } + + #[test] + fn from_str_invalid_mac() { + let r = Header::from_str( + "id=\"dh37fgj492je\", ts=\"1353832234\", \ + nonce=\"j4h3g2\", ext=\"some-app-ext-data\", \ + mac=\"6!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!AE=\", \ + app=\"my-app\", dlg=\"my-authority\"", + ); + assert!(r.is_err()); + } + + #[test] + fn from_str_no_field() { + let s = Header::from_str("").unwrap(); + assert!(s.id == None); + assert!(s.ts == None); + assert!(s.nonce == None); + assert!(s.mac == None); + assert!(s.ext == None); + assert!(s.app == None); + assert!(s.dlg == None); + } + + #[test] + fn from_str_few_field() { + let s = Header::from_str( + "id=\"xyz\", ts=\"1353832234\", \ + nonce=\"abc\", \ + mac=\"6R4rV5iE+NPoym+WwjeHzjAGXUtLNIxmo1vpMofpLAE=\"", + ) + .unwrap(); + assert!(s.id == Some("xyz".to_string())); + assert!(s.ts == Some(UNIX_EPOCH + Duration::new(1353832234, 0))); + assert!(s.nonce == Some("abc".to_string())); + assert!( + s.mac + == Some(Mac::from(vec![ + 233, 30, 43, 87, 152, 132, 248, 211, 232, 202, 111, 150, 194, 55, 135, 206, 48, + 6, 93, 75, 75, 52, 140, 102, 163, 91, 233, 50, 135, 233, 44, 1 + ])) + ); + assert!(s.ext == None); + assert!(s.app == None); + assert!(s.dlg == None); + } + + #[test] + fn from_str_messy() { + let s = Header::from_str( + ", id = \"dh37fgj492je\", ts=\"1353832234\", \ + nonce=\"j4h3g2\" , , ext=\"some-app-ext-data\", \ + mac=\"6R4rV5iE+NPoym+WwjeHzjAGXUtLNIxmo1vpMofpLAE=\"", + ) + .unwrap(); + assert!(s.id == Some("dh37fgj492je".to_string())); + assert!(s.ts == Some(UNIX_EPOCH + Duration::new(1353832234, 0))); + assert!(s.nonce == Some("j4h3g2".to_string())); + assert!( + s.mac + == Some(Mac::from(vec![ + 233, 30, 43, 87, 152, 132, 248, 211, 232, 202, 111, 150, 194, 55, 135, 206, 48, + 6, 93, 75, 75, 52, 140, 102, 163, 91, 233, 50, 135, 233, 44, 1 + ])) + ); + assert!(s.ext == Some("some-app-ext-data".to_string())); + assert!(s.app == None); + assert!(s.dlg == None); + } + + #[test] + fn to_str_no_fields() { + // must supply a type for S, since it is otherwise unused + let s = Header::new::(None, None, None, None, None, None, None, None).unwrap(); + let formatted = format!("{}", s); + println!("got: {}", formatted); + assert!(formatted == "") + } + + #[test] + fn to_str_few_fields() { + let s = Header::new( + Some("dh37fgj492je"), + Some(UNIX_EPOCH + Duration::new(1353832234, 0)), + Some("j4h3g2"), + Some(Mac::from(vec![ + 8, 35, 182, 149, 42, 111, 33, 192, 19, 22, 94, 43, 118, 176, 65, 69, 86, 4, 156, + 184, 85, 107, 249, 242, 172, 200, 66, 209, 57, 63, 38, 83, + ])), + None, + None, + None, + None, + ) + .unwrap(); + let formatted = format!("{}", s); + println!("got: {}", formatted); + assert!( + formatted + == "id=\"dh37fgj492je\", ts=\"1353832234\", nonce=\"j4h3g2\", \ + mac=\"CCO2lSpvIcATFl4rdrBBRVYEnLhVa/nyrMhC0Tk/JlM=\"" + ) + } + + #[test] + fn to_str_maximal() { + let s = Header::new( + Some("dh37fgj492je"), + Some(UNIX_EPOCH + Duration::new(1353832234, 0)), + Some("j4h3g2"), + Some(Mac::from(vec![ + 8, 35, 182, 149, 42, 111, 33, 192, 19, 22, 94, 43, 118, 176, 65, 69, 86, 4, 156, + 184, 85, 107, 249, 242, 172, 200, 66, 209, 57, 63, 38, 83, + ])), + Some("my-ext-value"), + Some(vec![1, 2, 3, 4]), + Some("my-app"), + Some("my-dlg"), + ) + .unwrap(); + let formatted = format!("{}", s); + println!("got: {}", formatted); + assert!( + formatted + == "id=\"dh37fgj492je\", ts=\"1353832234\", nonce=\"j4h3g2\", \ + mac=\"CCO2lSpvIcATFl4rdrBBRVYEnLhVa/nyrMhC0Tk/JlM=\", ext=\"my-ext-value\", \ + hash=\"AQIDBA==\", app=\"my-app\", dlg=\"my-dlg\"" + ) + } + + #[test] + fn round_trip() { + let s = Header::new( + Some("dh37fgj492je"), + Some(UNIX_EPOCH + Duration::new(1353832234, 0)), + Some("j4h3g2"), + Some(Mac::from(vec![ + 8, 35, 182, 149, 42, 111, 33, 192, 19, 22, 94, 43, 118, 176, 65, 69, 86, 4, 156, + 184, 85, 107, 249, 242, 172, 200, 66, 209, 57, 63, 38, 83, + ])), + Some("my-ext-value"), + Some(vec![1, 2, 3, 4]), + Some("my-app"), + Some("my-dlg"), + ) + .unwrap(); + let formatted = format!("{}", s); + println!("got: {}", s); + let s2 = Header::from_str(&formatted).unwrap(); + assert!(s2 == s); + } +} diff --git a/third_party/rust/hawk/src/lib.rs b/third_party/rust/hawk/src/lib.rs new file mode 100644 index 0000000000..4bde1229e2 --- /dev/null +++ b/third_party/rust/hawk/src/lib.rs @@ -0,0 +1,173 @@ +//! The `hawk` crate provides support for [Hawk](https://github.com/hueniverse/hawk) +//! authentictation. It is a low-level crate, used by higher-level crates to integrate with various +//! Rust HTTP libraries. For example `hyper-hawk` integrates Hawk with Hyper. +//! +//! # Examples +//! +//! ## Hawk Client +//! +//! A client can attach a Hawk Authorization header to requests by providing credentials to a +//! Request instance, which will generate the header. +//! +//! ``` +//! use hawk::{RequestBuilder, Credentials, Key, SHA256, PayloadHasher}; +//! use std::time::{Duration, UNIX_EPOCH}; +//! +//! fn main() { +//! // provide the Hawk id and key +//! let credentials = Credentials { +//! id: "test-client".to_string(), +//! key: Key::new(vec![99u8; 32], SHA256).unwrap(), +//! }; +//! +//! let payload_hash = PayloadHasher::hash("text/plain", SHA256, "request-body").unwrap(); +//! +//! // provide the details of the request to be authorized +//! let request = RequestBuilder::new("POST", "example.com", 80, "/v1/users") +//! .hash(&payload_hash[..]) +//! .request(); +//! +//! // Get the resulting header, including the calculated MAC; this involves a random +//! // nonce, so the MAC will be different on every request. +//! let header = request.make_header(&credentials).unwrap(); +//! +//! // the header would the be attached to the request +//! assert_eq!(header.id.unwrap(), "test-client"); +//! assert_eq!(header.mac.unwrap().len(), 32); +//! assert_eq!(header.hash.unwrap().len(), 32); +//! } +//! ``` +//! +//! A client that wishes to use a bewit (URL parameter) can do so as follows: +//! +//! ``` +//! use hawk::{RequestBuilder, Credentials, Key, SHA256, Bewit}; +//! use std::time::Duration; +//! use std::borrow::Cow; +//! +//! let credentials = Credentials { +//! id: "me".to_string(), +//! key: Key::new("tok", SHA256).unwrap(), +//! }; +//! +//! let client_req = RequestBuilder::new("GET", "mysite.com", 443, "/resource").request(); +//! let client_bewit = client_req +//! .make_bewit_with_ttl(&credentials, Duration::from_secs(10)) +//! .unwrap(); +//! let request_path = format!("/resource?bewit={}", client_bewit.to_str()); +//! // .. make the request +//! ``` +//! +//! ## Hawk Server +//! +//! To act as a server, parse the Hawk Authorization header from the request, generate a new +//! Request instance, and use the request to validate the header. +//! +//! ``` +//! use hawk::{RequestBuilder, Header, Key, SHA256}; +//! use hawk::mac::Mac; +//! use std::time::{Duration, UNIX_EPOCH}; +//! +//! fn main() { +//! let mac = Mac::from(vec![7, 22, 226, 240, 84, 78, 49, 75, 115, 144, 70, +//! 106, 102, 134, 144, 128, 225, 239, 95, 132, 202, +//! 154, 213, 118, 19, 63, 183, 108, 215, 134, 118, 115]); +//! // get the header (usually from the received request; constructed directly here) +//! let hdr = Header::new(Some("dh37fgj492je"), +//! Some(UNIX_EPOCH + Duration::new(1353832234, 0)), +//! Some("j4h3g2"), +//! Some(mac), +//! Some("my-ext-value"), +//! Some(vec![1, 2, 3, 4]), +//! Some("my-app"), +//! Some("my-dlg")).unwrap(); +//! +//! // build a request object based on what we know +//! let hash = vec![1, 2, 3, 4]; +//! let request = RequestBuilder::new("GET", "localhost", 443, "/resource") +//! .hash(&hash[..]) +//! .request(); +//! +//! let key = Key::new(vec![99u8; 32], SHA256).unwrap(); +//! let one_week_in_secs = 7 * 24 * 60 * 60; +//! if !request.validate_header(&hdr, &key, Duration::from_secs(5200 * one_week_in_secs)) { +//! panic!("header validation failed. Is it 2117 already?"); +//! } +//! } +//! ``` +//! +//! A server which validates bewits looks like this: +//! +//! ``` +//! use hawk::{RequestBuilder, Credentials, Key, SHA256, Bewit}; +//! use std::time::Duration; +//! use std::borrow::Cow; +//! +//! let credentials = Credentials { +//! id: "me".to_string(), +//! key: Key::new("tok", SHA256).unwrap(), +//! }; +//! +//! // simulate the client generation of a bewit +//! let client_req = RequestBuilder::new("GET", "mysite.com", 443, "/resource").request(); +//! let client_bewit = client_req +//! .make_bewit_with_ttl(&credentials, Duration::from_secs(10)) +//! .unwrap(); +//! let request_path = format!("/resource?bewit={}", client_bewit.to_str()); +//! +//! let mut maybe_bewit = None; +//! let server_req = RequestBuilder::new("GET", "mysite.com", 443, &request_path) +//! .extract_bewit(&mut maybe_bewit).unwrap() +//! .request(); +//! let bewit = maybe_bewit.unwrap(); +//! assert_eq!(bewit.id(), "me"); +//! assert!(server_req.validate_bewit(&bewit, &credentials.key)); +//! ``` +//! +//! ## Features +//! +//! By default, the `use_ring` feature is enabled, which means that this crate will +//! use `ring` for all cryptographic operations. +//! +//! Alternatively, one can configure the crate with the `use_openssl` +//! feature to use the `openssl` crate. +//! +//! If no features are enabled, you must provide a custom implementation of the +//! [`hawk::crypto::Cryptographer`] trait to the `set_cryptographer` function, or +//! the cryptographic operations will panic. +//! +//! Attempting to configure both the `use_ring` and `use_openssl` features will +//! result in a build error. + +#[cfg(test)] +#[macro_use] +extern crate pretty_assertions; + +mod header; +pub use crate::header::Header; + +mod credentials; +pub use crate::credentials::{Credentials, DigestAlgorithm, Key}; + +mod request; +pub use crate::request::{Request, RequestBuilder}; + +mod response; +pub use crate::response::{Response, ResponseBuilder}; + +mod error; +pub use crate::error::*; + +mod payload; +pub use crate::payload::PayloadHasher; + +mod bewit; +pub use crate::bewit::Bewit; + +pub mod mac; + +pub mod crypto; + +pub const SHA256: DigestAlgorithm = DigestAlgorithm::Sha256; +pub const SHA384: DigestAlgorithm = DigestAlgorithm::Sha384; +pub const SHA512: DigestAlgorithm = DigestAlgorithm::Sha512; diff --git a/third_party/rust/hawk/src/mac.rs b/third_party/rust/hawk/src/mac.rs new file mode 100644 index 0000000000..d56e755c86 --- /dev/null +++ b/third_party/rust/hawk/src/mac.rs @@ -0,0 +1,200 @@ +use crate::credentials::Key; +use crate::error::*; +use base64::{display::Base64Display, STANDARD}; +use std::io::Write; +use std::ops::Deref; +use std::time::{SystemTime, UNIX_EPOCH}; + +/// The kind of MAC calcuation (corresponding to the first line of the message) +pub enum MacType { + Header, + Response, + Bewit, +} + +/// Mac represents a message authentication code, the signature in a Hawk transaction. +/// +/// This class supports creating Macs using the Hawk specification, and comparing Macs +/// using a cosntant-time comparison (thus preventing timing side-channel attacks). +#[derive(Debug, Clone)] +pub struct Mac(Vec); + +impl Mac { + pub fn new( + mac_type: MacType, + key: &Key, + ts: SystemTime, + nonce: &str, + method: &str, + host: &str, + port: u16, + path: &str, + hash: Option<&[u8]>, + ext: Option<&str>, + ) -> Result { + // Note: there's a \n after each item. + let mut buffer: Vec = Vec::with_capacity( + 15 + 1 + // mac_type (worst case since it doesn't really matter) + 10 + 1 + // ts (in practice this will be 10 bytes) + nonce.len() + 1 + + host.len() + 1 + + 6 + 1 + // Longer than 6 bytes of port seems very unlikely + path.len() + 1 + + hash.map_or(0, |h| h.len() * 4 / 3) + 1 + + ext.map_or(0, str::len) + 1, + ); + + writeln!( + buffer, + "{mac_type}\n{ts}\n{nonce}\n{method}\n{path}\n{host}\n{port}", + mac_type = match mac_type { + MacType::Header => "hawk.1.header", + MacType::Response => "hawk.1.response", + MacType::Bewit => "hawk.1.bewit", + }, + ts = ts.duration_since(UNIX_EPOCH).unwrap_or_default().as_secs(), + nonce = nonce, + method = method, + path = path, + host = host, + port = port, + )?; + + if let Some(h) = hash { + writeln!(buffer, "{}", Base64Display::with_config(h, STANDARD))?; + } else { + writeln!(buffer)?; + } + writeln!(buffer, "{}", ext.unwrap_or_default())?; + + Ok(Mac(key.sign(buffer.as_ref())?)) + } +} + +impl AsRef<[u8]> for Mac { + fn as_ref(&self) -> &[u8] { + &self.0[..] + } +} + +impl From> for Mac { + fn from(original: Vec) -> Self { + Mac(original) + } +} + +impl Deref for Mac { + type Target = Vec; + + fn deref(&self) -> &Self::Target { + &self.0 + } +} + +impl PartialEq for Mac { + fn eq(&self, other: &Mac) -> bool { + crate::crypto::constant_time_compare(&self.0, &other.0) + } +} + +#[cfg(all(test, any(feature = "use_ring", feature = "use_openssl")))] +mod test { + use super::{Mac, MacType}; + use crate::credentials::Key; + use std::time::{Duration, SystemTime, UNIX_EPOCH}; + + fn key() -> Key { + Key::new( + vec![ + 11u8, 19, 228, 209, 79, 189, 200, 59, 166, 47, 86, 254, 235, 184, 120, 197, 75, + 152, 201, 79, 115, 61, 111, 242, 219, 187, 173, 14, 227, 108, 60, 232, + ], + crate::SHA256, + ) + .unwrap() + } + + fn sys_time(secs: u64, ns: u32) -> SystemTime { + UNIX_EPOCH + Duration::new(secs, ns) + } + + #[test] + fn test_make_mac() { + let key = key(); + let mac = Mac::new( + MacType::Header, + &key, + sys_time(1000, 100), + "nonny", + "POST", + "mysite.com", + 443, + "/v1/api", + None, + None, + ) + .unwrap(); + println!("got {:?}", mac); + assert!( + mac.0 + == vec![ + 192, 227, 235, 121, 157, 185, 197, 79, 189, 214, 235, 139, 9, 232, 99, 55, 67, + 30, 68, 0, 150, 187, 192, 238, 21, 200, 209, 107, 245, 159, 243, 178 + ] + ); + } + + #[test] + fn test_make_mac_hash() { + let key = key(); + let hash = vec![1, 2, 3, 4, 5]; + let mac = Mac::new( + MacType::Header, + &key, + sys_time(1000, 100), + "nonny", + "POST", + "mysite.com", + 443, + "/v1/api", + Some(&hash), + None, + ) + .unwrap(); + println!("got {:?}", mac); + assert!( + mac.0 + == vec![ + 61, 128, 208, 253, 88, 135, 190, 196, 1, 69, 153, 193, 124, 4, 195, 87, 38, 96, + 181, 34, 65, 234, 58, 157, 175, 175, 145, 151, 61, 0, 57, 5 + ] + ); + } + + #[test] + fn test_make_mac_ext() { + let key = key(); + let ext = "ext-data".to_string(); + let mac = Mac::new( + MacType::Header, + &key, + sys_time(1000, 100), + "nonny", + "POST", + "mysite.com", + 443, + "/v1/api", + None, + Some(&ext), + ) + .unwrap(); + println!("got {:?}", mac); + assert!( + mac.0 + == vec![ + 187, 104, 238, 100, 168, 112, 37, 68, 187, 141, 168, 155, 177, 193, 113, 0, 50, + 105, 127, 36, 24, 117, 200, 251, 138, 199, 108, 14, 105, 123, 234, 119 + ] + ); + } +} diff --git a/third_party/rust/hawk/src/payload.rs b/third_party/rust/hawk/src/payload.rs new file mode 100644 index 0000000000..3b872eaf4b --- /dev/null +++ b/third_party/rust/hawk/src/payload.rs @@ -0,0 +1,87 @@ +use crate::error::*; +use crate::{crypto, DigestAlgorithm}; +/// A utility for hashing payloads. Feed your entity body to this, then pass the `finish` +/// result to a request or response. +pub struct PayloadHasher(Box); + +impl PayloadHasher { + /// Create a new PayloadHasher. The `content_type` should be lower-case and should + /// not include parameters. The digest is assumed to be the same as the digest used + /// for the credentials in the request. + pub fn new(content_type: B, algorithm: DigestAlgorithm) -> Result + where + B: AsRef<[u8]>, + { + let mut hasher = PayloadHasher(crypto::new_hasher(algorithm)?); + hasher.update(b"hawk.1.payload\n")?; + hasher.update(content_type.as_ref())?; + hasher.update(b"\n")?; + Ok(hasher) + } + + /// Hash a single value and return it + pub fn hash( + content_type: B1, + algorithm: DigestAlgorithm, + payload: B2, + ) -> Result> + where + B1: AsRef<[u8]>, + B2: AsRef<[u8]>, + { + let mut hasher = PayloadHasher::new(content_type, algorithm)?; + hasher.update(payload)?; + hasher.finish() + } + + /// Update the hash with new data. + pub fn update(&mut self, data: B) -> Result<()> + where + B: AsRef<[u8]>, + { + self.0.update(data.as_ref())?; + Ok(()) + } + + /// Finish hashing and return the result + /// + /// Note that this appends a newline to the payload, as does the JS Hawk implementaiton. + pub fn finish(mut self) -> Result> { + self.update(b"\n")?; + Ok(self.0.finish()?) + } +} + +#[cfg(all(test, any(feature = "use_ring", feature = "use_openssl")))] +mod tests { + use super::PayloadHasher; + + #[test] + fn hash_consistency() -> super::Result<()> { + let mut hasher1 = PayloadHasher::new("text/plain", crate::SHA256)?; + hasher1.update("pày")?; + hasher1.update("load")?; + let hash1 = hasher1.finish()?; + + let mut hasher2 = PayloadHasher::new("text/plain", crate::SHA256)?; + hasher2.update("pàyload")?; + let hash2 = hasher2.finish()?; + + let hash3 = PayloadHasher::hash("text/plain", crate::SHA256, "pàyload")?; + + let hash4 = // "pàyload" as utf-8 bytes + PayloadHasher::hash("text/plain", crate::SHA256, vec![112, 195, 160, 121, 108, 111, 97, 100])?; + + assert_eq!( + hash1, + vec![ + 228, 238, 241, 224, 235, 114, 158, 112, 211, 254, 118, 89, 25, 236, 87, 176, 181, + 54, 61, 135, 42, 223, 188, 103, 194, 59, 83, 36, 136, 31, 198, 50 + ] + ); + assert_eq!(hash2, hash1); + assert_eq!(hash3, hash1); + assert_eq!(hash4, hash1); + Ok(()) + } +} diff --git a/third_party/rust/hawk/src/request.rs b/third_party/rust/hawk/src/request.rs new file mode 100644 index 0000000000..4cccab20d1 --- /dev/null +++ b/third_party/rust/hawk/src/request.rs @@ -0,0 +1,974 @@ +use crate::bewit::Bewit; +use crate::credentials::{Credentials, Key}; +use crate::error::*; +use crate::header::Header; +use crate::mac::{Mac, MacType}; +use crate::response::ResponseBuilder; +use log::debug; +use std::borrow::Cow; +use std::str; +use std::str::FromStr; +use std::time::{Duration, SystemTime}; +use url::{Position, Url}; + +/// Request represents a single HTTP request. +/// +/// The structure is created using (RequestBuilder)[struct.RequestBuilder.html]. Most uses of this +/// library will hold several of the fields in this structure fixed. Cloning the structure with +/// these fields applied is a convenient way to avoid repeating those fields. Most fields are +/// references, since in common use the values already exist and will outlive the request. +/// +/// A request can be used on the client, to generate a header or a bewit, or on the server, to +/// validate the same. +/// +/// # Examples +/// +/// ``` +/// use hawk::RequestBuilder; +/// let bldr = RequestBuilder::new("GET", "mysite.com", 443, "/"); +/// let request1 = bldr.clone().method("POST").path("/api/user").request(); +/// let request2 = bldr.path("/api/users").request(); +/// ``` +/// +/// See the documentation in the crate root for examples of creating and validating headers. +#[derive(Debug, Clone)] +pub struct Request<'a> { + method: &'a str, + host: &'a str, + port: u16, + path: Cow<'a, str>, + hash: Option<&'a [u8]>, + ext: Option<&'a str>, + app: Option<&'a str>, + dlg: Option<&'a str>, +} + +impl<'a> Request<'a> { + /// Create a new Header for this request, inventing a new nonce and setting the + /// timestamp to the current time. + pub fn make_header(&self, credentials: &Credentials) -> Result
{ + let nonce = random_string(10)?; + self.make_header_full(credentials, SystemTime::now(), nonce) + } + + /// Similar to `make_header`, but allowing specification of the timestamp + /// and nonce. + pub fn make_header_full( + &self, + credentials: &Credentials, + ts: SystemTime, + nonce: S, + ) -> Result
+ where + S: Into, + { + let nonce = nonce.into(); + let mac = Mac::new( + MacType::Header, + &credentials.key, + ts, + &nonce, + self.method, + self.host, + self.port, + self.path.as_ref(), + self.hash, + self.ext, + )?; + Header::new( + Some(credentials.id.clone()), + Some(ts), + Some(nonce), + Some(mac), + match self.ext { + None => None, + Some(v) => Some(v.to_string()), + }, + match self.hash { + None => None, + Some(v) => Some(v.to_vec()), + }, + match self.app { + None => None, + Some(v) => Some(v.to_string()), + }, + match self.dlg { + None => None, + Some(v) => Some(v.to_string()), + }, + ) + } + + /// Make a "bewit" that can be attached to a URL to authenticate GET access. + /// + /// The ttl gives the time for which this bewit is valid, starting now. + pub fn make_bewit(&self, credentials: &'a Credentials, exp: SystemTime) -> Result> { + // note that this includes `method` and `hash` even though they must always be GET and None + // for bewits. If they aren't, then the bewit just won't validate -- no need to catch + // that now + let mac = Mac::new( + MacType::Bewit, + &credentials.key, + exp, + "", + self.method, + self.host, + self.port, + self.path.as_ref(), + self.hash, + self.ext, + )?; + let bewit = Bewit::new(&credentials.id, exp, mac, self.ext); + Ok(bewit) + } + + /// Variant of `make_bewit` that takes a Duration (starting from now) + /// instead of a SystemTime, provided for convenience. + pub fn make_bewit_with_ttl( + &self, + credentials: &'a Credentials, + ttl: Duration, + ) -> Result> { + let exp = SystemTime::now() + ttl; + self.make_bewit(credentials, exp) + } + + /// Validate the given header. This validates that the `mac` field matches that calculated + /// using the other header fields and the given request information. + /// + /// The header's timestamp is verified to be within `ts_skew` of the current time. If any of + /// the required header fields are missing, the method will return false. + /// + /// It is up to the caller to examine the header's `id` field and supply the corresponding key. + /// + /// If desired, it is up to the caller to validate that `nonce` has not been used before. + /// + /// If a hash has been supplied, then the header must contain a matching hash. Note that this + /// hash must be calculated based on the request body, not copied from the request header! + pub fn validate_header(&self, header: &Header, key: &Key, ts_skew: Duration) -> bool { + // extract required fields, returning early if they are not present + let ts = match header.ts { + Some(ts) => ts, + None => { + debug!("missing timestamp from header"); + return false; + } + }; + let nonce = match header.nonce { + Some(ref nonce) => nonce, + None => { + debug!("missing nonce from header"); + return false; + } + }; + let header_mac = match header.mac { + Some(ref mac) => mac, + None => { + debug!("missing mac from header"); + return false; + } + }; + let header_hash = match header.hash { + Some(ref hash) => Some(&hash[..]), + None => None, + }; + let header_ext = match header.ext { + Some(ref ext) => Some(&ext[..]), + None => None, + }; + + // first verify the MAC + match Mac::new( + MacType::Header, + key, + ts, + nonce, + self.method, + self.host, + self.port, + self.path.as_ref(), + header_hash, + header_ext, + ) { + Ok(calculated_mac) => { + if &calculated_mac != header_mac { + debug!("calculated mac doesn't match header"); + return false; + } + } + Err(e) => { + debug!("unexpected mac error: {:?}", e); + return false; + } + }; + + // ..then the hashes + if let Some(local_hash) = self.hash { + if let Some(server_hash) = header_hash { + if local_hash != server_hash { + debug!("server hash doesn't match header"); + return false; + } + } else { + debug!("missing hash from header"); + return false; + } + } + + // ..then the timestamp + let now = SystemTime::now(); + let skew = if now > ts { + now.duration_since(ts).unwrap() + } else { + ts.duration_since(now).unwrap() + }; + if skew > ts_skew { + debug!( + "bad timestamp skew, timestamp too old? detected skew: {:?}, ts_skew: {:?}", + &skew, &ts_skew + ); + return false; + } + + true + } + + /// Validate the given bewit matches this request. + /// + /// It is up to the caller to consult the Bewit's `id` and look up the + /// corresponding key. + /// + /// Nonces and hashes do not apply when using bewits. + pub fn validate_bewit(&self, bewit: &Bewit, key: &Key) -> bool { + let calculated_mac = Mac::new( + MacType::Bewit, + key, + bewit.exp(), + "", + self.method, + self.host, + self.port, + self.path.as_ref(), + self.hash, + match bewit.ext() { + Some(e) => Some(e), + None => None, + }, + ); + let calculated_mac = match calculated_mac { + Ok(m) => m, + Err(_) => { + return false; + } + }; + + if bewit.mac() != &calculated_mac { + return false; + } + + let now = SystemTime::now(); + if bewit.exp() < now { + return false; + } + + true + } + + /// Get a Response instance for a response to this request. This is a convenience + /// wrapper around `Response::from_request_header`. + pub fn make_response_builder(&'a self, req_header: &'a Header) -> ResponseBuilder<'a> { + ResponseBuilder::from_request_header( + req_header, + self.method, + self.host, + self.port, + self.path.as_ref(), + ) + } +} + +#[derive(Debug, Clone)] +pub struct RequestBuilder<'a>(Request<'a>); + +impl<'a> RequestBuilder<'a> { + /// Create a new request with the given method, host, port, and path. + pub fn new(method: &'a str, host: &'a str, port: u16, path: &'a str) -> Self { + RequestBuilder(Request { + method, + host, + port, + path: Cow::Borrowed(path), + hash: None, + ext: None, + app: None, + dlg: None, + }) + } + + /// Create a new request with the host, port, and path determined from the URL. + pub fn from_url(method: &'a str, url: &'a Url) -> Result { + let (host, port, path) = RequestBuilder::parse_url(url)?; + Ok(RequestBuilder(Request { + method, + host, + port, + path: Cow::Borrowed(path), + hash: None, + ext: None, + app: None, + dlg: None, + })) + } + + /// Set the request method. This should be a capitalized string. + pub fn method(mut self, method: &'a str) -> Self { + self.0.method = method; + self + } + + /// Set the URL path for the request. + pub fn path(mut self, path: &'a str) -> Self { + self.0.path = Cow::Borrowed(path); + self + } + + /// Set the URL hostname for the request + pub fn host(mut self, host: &'a str) -> Self { + self.0.host = host; + self + } + + /// Set the URL port for the request + pub fn port(mut self, port: u16) -> Self { + self.0.port = port; + self + } + + /// Set the hostname, port, and path for the request, from a string URL. + pub fn url(self, url: &'a Url) -> Result { + let (host, port, path) = RequestBuilder::parse_url(url)?; + Ok(self.path(path).host(host).port(port)) + } + + /// Set the content hash for the request + pub fn hash>>(mut self, hash: H) -> Self { + self.0.hash = hash.into(); + self + } + + /// Set the `ext` Hawk property for the request + pub fn ext>>(mut self, ext: S) -> Self { + self.0.ext = ext.into(); + self + } + + /// Set the `app` Hawk property for the request + pub fn app>>(mut self, app: S) -> Self { + self.0.app = app.into(); + self + } + + /// Set the `dlg` Hawk property for the request + pub fn dlg>>(mut self, dlg: S) -> Self { + self.0.dlg = dlg.into(); + self + } + + /// Get the request from this builder + pub fn request(self) -> Request<'a> { + self.0 + } + + /// Extract the `bewit` query parameter, if any, from the path, and return it in the output + /// parameter, returning a modified RequestBuilder omitting the `bewit=..` query parameter. If + /// no bewit is present, or if an error is returned, the output parameter is reset to None. + /// + /// The path manipulation is tested to correspond to that preformed by the hueniverse/hawk + /// implementation-specification + pub fn extract_bewit(mut self, bewit: &mut Option>) -> Result { + const PREFIX: &str = "bewit="; + *bewit = None; + + if let Some(query_index) = self.0.path.find('?') { + let (bewit_components, components): (Vec<&str>, Vec<&str>) = self.0.path + [query_index + 1..] + .split('&') + .partition(|comp| comp.starts_with(PREFIX)); + + if bewit_components.len() == 1 { + let bewit_str = bewit_components[0]; + *bewit = Some(Bewit::from_str(&bewit_str[PREFIX.len()..])?); + + // update the path to omit the bewit=... segment + let new_path = if !components.is_empty() { + format!("{}{}", &self.0.path[..=query_index], components.join("&")).to_string() + } else { + // no query left, so return the remaining path, omitting the '?' + self.0.path[..query_index].to_string() + }; + self.0.path = Cow::Owned(new_path); + Ok(self) + } else if bewit_components.is_empty() { + Ok(self) + } else { + Err(InvalidBewit::Multiple.into()) + } + } else { + Ok(self) + } + } + + fn parse_url(url: &'a Url) -> Result<(&'a str, u16, &'a str)> { + let host = url + .host_str() + .ok_or_else(|| Error::InvalidUrl(format!("url {} has no host", url)))?; + let port = url + .port_or_known_default() + .ok_or_else(|| Error::InvalidUrl(format!("url {} has no port", url)))?; + let path = &url[Position::BeforePath..]; + Ok((host, port, path)) + } +} + +/// Create a random string with `bytes` bytes of entropy. The string +/// is base64-encoded. so it will be longer than bytes characters. +fn random_string(bytes: usize) -> Result { + let mut bytes = vec![0u8; bytes]; + crate::crypto::rand_bytes(&mut bytes)?; + Ok(base64::encode(&bytes)) +} + +#[cfg(all(test, any(feature = "use_ring", feature = "use_openssl")))] +mod test { + use super::*; + use crate::credentials::{Credentials, Key}; + use crate::header::Header; + use std::str::FromStr; + use std::time::{Duration, SystemTime, UNIX_EPOCH}; + use url::Url; + + // this is a header from a real request using the JS Hawk library, to + // https://pulse.taskcluster.net:443/v1/namespaces with credentials "me" / "tok" + const REAL_HEADER: &'static str = "id=\"me\", ts=\"1491183061\", nonce=\"RVnYzW\", \ + mac=\"1kqRT9EoxiZ9AA/ayOCXB+AcjfK/BoJ+n7z0gfvZotQ=\""; + const BEWIT_STR: &str = + "bWVcMTM1MzgzMjgzNFxmaXk0ZTV3QmRhcEROeEhIZUExOE5yU3JVMVUzaVM2NmdtMFhqVEpwWXlVPVw"; + + // this is used as the initial bewit when calling extract_bewit, to verify that it is + // not allowing the original value of the parameter to remain in place. + const INITIAL_BEWIT_STR: &str = + "T0ggTk9FU1wxMzUzODMyODM0XGZpeTRlNXdCZGFwRE54SEhlQTE4TnJTclUxVTNpUzY2Z20wWGpUSnBZeVU9XCZtdXQgYmV3aXQgbm90IHJlc2V0IQ"; + + #[test] + fn test_empty() { + let req = RequestBuilder::new("GET", "site", 80, "/").request(); + assert_eq!(req.method, "GET"); + assert_eq!(req.host, "site"); + assert_eq!(req.port, 80); + assert_eq!(req.path, "/"); + assert_eq!(req.hash, None); + assert_eq!(req.ext, None); + assert_eq!(req.app, None); + assert_eq!(req.dlg, None); + } + + #[test] + fn test_builder() { + let hash = vec![0u8]; + let req = RequestBuilder::new("GET", "example.com", 443, "/foo") + .hash(Some(&hash[..])) + .ext("ext") + .app("app") + .dlg("dlg") + .request(); + + assert_eq!(req.method, "GET"); + assert_eq!(req.path, "/foo"); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); + assert_eq!(req.hash, Some(&hash[..])); + assert_eq!(req.ext, Some("ext")); + assert_eq!(req.app, Some("app")); + assert_eq!(req.dlg, Some("dlg")); + } + + #[test] + fn test_builder_clone() { + let rb = RequestBuilder::new("GET", "site", 443, "/foo"); + let req = rb.clone().request(); + let req2 = rb.path("/bar").request(); + + assert_eq!(req.method, "GET"); + assert_eq!(req.path, "/foo"); + assert_eq!(req2.method, "GET"); + assert_eq!(req2.path, "/bar"); + } + + #[test] + fn test_url_builder() { + let url = Url::parse("https://example.com/foo").unwrap(); + let req = RequestBuilder::from_url("GET", &url).unwrap().request(); + + assert_eq!(req.path, "/foo"); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_url_builder_with_query() { + let url = Url::parse("https://example.com/foo?foo=bar").unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + let bldr = bldr.extract_bewit(&mut bewit).unwrap(); + assert_eq!(bewit, None); + + let req = bldr.request(); + + assert_eq!(req.path, "/foo?foo=bar"); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_url_builder_with_encodable_chars() { + let url = Url::parse("https://example.com/ñoo?foo=año").unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + let bldr = bldr.extract_bewit(&mut bewit).unwrap(); + assert_eq!(bewit, None); + + let req = bldr.request(); + + assert_eq!(req.path, "/%C3%B1oo?foo=a%C3%B1o"); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_url_builder_with_empty_query() { + let url = Url::parse("https://example.com/foo?").unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + let bldr = bldr.extract_bewit(&mut bewit).unwrap(); + assert_eq!(bewit, None); + + let req = bldr.request(); + + assert_eq!(req.path, "/foo?"); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_url_builder_with_bewit_alone() { + let url = Url::parse(&format!("https://example.com/foo?bewit={}", BEWIT_STR)).unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + let bldr = bldr.extract_bewit(&mut bewit).unwrap(); + assert_eq!(bewit, Some(Bewit::from_str(BEWIT_STR).unwrap())); + + let req = bldr.request(); + + assert_eq!(req.path, "/foo"); // NOTE: strips the `?` + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_url_builder_with_bewit_first() { + let url = Url::parse(&format!("https://example.com/foo?bewit={}&a=1", BEWIT_STR)).unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + let bldr = bldr.extract_bewit(&mut bewit).unwrap(); + assert_eq!(bewit, Some(Bewit::from_str(BEWIT_STR).unwrap())); + + let req = bldr.request(); + + assert_eq!(req.path, "/foo?a=1"); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_url_builder_with_bewit_multiple() { + let url = Url::parse(&format!( + "https://example.com/foo?bewit={}&bewit={}", + BEWIT_STR, BEWIT_STR + )) + .unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + assert!(bldr.extract_bewit(&mut bewit).is_err()); + assert_eq!(bewit, None); + } + + #[test] + fn test_url_builder_with_bewit_invalid() { + let url = Url::parse("https://example.com/foo?bewit=1234").unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + assert!(bldr.extract_bewit(&mut bewit).is_err()); + assert_eq!(bewit, None); + } + + #[test] + fn test_url_builder_with_bewit_last() { + let url = Url::parse(&format!("https://example.com/foo?a=1&bewit={}", BEWIT_STR)).unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + let bldr = bldr.extract_bewit(&mut bewit).unwrap(); + assert_eq!(bewit, Some(Bewit::from_str(BEWIT_STR).unwrap())); + + let req = bldr.request(); + + assert_eq!(req.path, "/foo?a=1"); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_url_builder_with_bewit_middle() { + let url = Url::parse(&format!( + "https://example.com/foo?a=1&bewit={}&b=2", + BEWIT_STR + )) + .unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + let bldr = bldr.extract_bewit(&mut bewit).unwrap(); + assert_eq!(bewit, Some(Bewit::from_str(BEWIT_STR).unwrap())); + + let req = bldr.request(); + + assert_eq!(req.path, "/foo?a=1&b=2"); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_url_builder_with_bewit_percent_encoding() { + // Note that this *over*-encodes things. Perfectly legal, but the kind + // of thing that incautious libraries can sometimes fail to reproduce, + // causing Hawk validation failures + let url = Url::parse(&format!( + "https://example.com/foo?%66oo=1&bewit={}&%62ar=2", + BEWIT_STR + )) + .unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + let bldr = bldr.extract_bewit(&mut bewit).unwrap(); + assert_eq!(bewit, Some(Bewit::from_str(BEWIT_STR).unwrap())); + + let req = bldr.request(); + + assert_eq!(req.path, "/foo?%66oo=1&%62ar=2"); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_url_builder_with_xxxbewit() { + // check that we're not doing a simple string search for "bewit=.." + let url = Url::parse(&format!( + "https://example.com/foo?a=1&xxxbewit={}&b=2", + BEWIT_STR + )) + .unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + let bldr = bldr.extract_bewit(&mut bewit).unwrap(); + assert_eq!(bewit, None); + + let req = bldr.request(); + + assert_eq!(req.path, format!("/foo?a=1&xxxbewit={}&b=2", BEWIT_STR)); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_url_builder_with_username_password() { + let url = Url::parse("https://a:b@example.com/foo?x=y").unwrap(); + let bldr = RequestBuilder::from_url("GET", &url).unwrap(); + + let mut bewit = Some(Bewit::from_str(INITIAL_BEWIT_STR).unwrap()); + let bldr = bldr.extract_bewit(&mut bewit).unwrap(); + assert_eq!(bewit, None); + + let req = bldr.request(); + + assert_eq!(req.path, "/foo?x=y"); + assert_eq!(req.host, "example.com"); + assert_eq!(req.port, 443); // default for https + } + + #[test] + fn test_make_header_full() { + let req = RequestBuilder::new("GET", "example.com", 443, "/foo").request(); + let credentials = Credentials { + id: "me".to_string(), + key: Key::new(vec![99u8; 32], crate::SHA256).unwrap(), + }; + let header = req + .make_header_full(&credentials, UNIX_EPOCH + Duration::new(1000, 100), "nonny") + .unwrap(); + assert_eq!( + header, + Header { + id: Some("me".to_string()), + ts: Some(UNIX_EPOCH + Duration::new(1000, 100)), + nonce: Some("nonny".to_string()), + mac: Some(Mac::from(vec![ + 122, 47, 2, 53, 195, 247, 185, 107, 133, 250, 61, 134, 200, 35, 118, 94, 48, + 175, 237, 108, 60, 71, 4, 2, 244, 66, 41, 172, 91, 7, 233, 140 + ])), + ext: None, + hash: None, + app: None, + dlg: None, + } + ); + } + + #[test] + fn test_make_header_full_with_optional_fields() { + let hash = vec![0u8]; + let req = RequestBuilder::new("GET", "example.com", 443, "/foo") + .hash(Some(&hash[..])) + .ext("ext") + .app("app") + .dlg("dlg") + .request(); + let credentials = Credentials { + id: "me".to_string(), + key: Key::new(vec![99u8; 32], crate::SHA256).unwrap(), + }; + let header = req + .make_header_full(&credentials, UNIX_EPOCH + Duration::new(1000, 100), "nonny") + .unwrap(); + assert_eq!( + header, + Header { + id: Some("me".to_string()), + ts: Some(UNIX_EPOCH + Duration::new(1000, 100)), + nonce: Some("nonny".to_string()), + mac: Some(Mac::from(vec![ + 72, 123, 243, 214, 145, 81, 129, 54, 183, 90, 22, 136, 192, 146, 208, 53, 216, + 138, 145, 94, 175, 204, 217, 8, 77, 16, 202, 50, 10, 144, 133, 162 + ])), + ext: Some("ext".to_string()), + hash: Some(hash.clone()), + app: Some("app".to_string()), + dlg: Some("dlg".to_string()), + } + ); + } + + #[test] + fn test_validate_matches_generated() { + let req = RequestBuilder::new("GET", "example.com", 443, "/foo").request(); + let credentials = Credentials { + id: "me".to_string(), + key: Key::new(vec![99u8; 32], crate::SHA256).unwrap(), + }; + let header = req + .make_header_full(&credentials, SystemTime::now(), "nonny") + .unwrap(); + assert!(req.validate_header(&header, &credentials.key, Duration::from_secs(1 * 60))); + } + + // Well, close enough. + const ONE_YEAR_IN_SECS: u64 = 365 * 24 * 60 * 60; + + #[test] + fn test_validate_real_request() { + let header = Header::from_str(REAL_HEADER).unwrap(); + let credentials = Credentials { + id: "me".to_string(), + key: Key::new("tok", crate::SHA256).unwrap(), + }; + let req = + RequestBuilder::new("GET", "pulse.taskcluster.net", 443, "/v1/namespaces").request(); + // allow 1000 years skew, since this was a real request that + // happened back in 2017, when life was simple and carefree + assert!(req.validate_header( + &header, + &credentials.key, + Duration::from_secs(1000 * ONE_YEAR_IN_SECS) + )); + } + + #[test] + fn test_validate_real_request_bad_creds() { + let header = Header::from_str(REAL_HEADER).unwrap(); + let credentials = Credentials { + id: "me".to_string(), + key: Key::new("WRONG", crate::SHA256).unwrap(), + }; + let req = + RequestBuilder::new("GET", "pulse.taskcluster.net", 443, "/v1/namespaces").request(); + assert!(!req.validate_header( + &header, + &credentials.key, + Duration::from_secs(1000 * ONE_YEAR_IN_SECS) + )); + } + + #[test] + fn test_validate_real_request_bad_req_info() { + let header = Header::from_str(REAL_HEADER).unwrap(); + let credentials = Credentials { + id: "me".to_string(), + key: Key::new("tok", crate::SHA256).unwrap(), + }; + let req = RequestBuilder::new("GET", "pulse.taskcluster.net", 443, "WRONG PATH").request(); + assert!(!req.validate_header( + &header, + &credentials.key, + Duration::from_secs(1000 * ONE_YEAR_IN_SECS) + )); + } + + fn make_header_without_hash() -> Header { + Header::new( + Some("dh37fgj492je"), + Some(UNIX_EPOCH + Duration::new(1353832234, 0)), + Some("j4h3g2"), + Some(Mac::from(vec![ + 161, 105, 122, 110, 248, 62, 129, 193, 148, 206, 239, 193, 219, 46, 137, 221, 51, + 170, 135, 114, 81, 68, 145, 182, 15, 165, 145, 168, 114, 237, 52, 35, + ])), + None, + None, + None, + None, + ) + .unwrap() + } + + fn make_header_with_hash() -> Header { + Header::new( + Some("dh37fgj492je"), + Some(UNIX_EPOCH + Duration::new(1353832234, 0)), + Some("j4h3g2"), + Some(Mac::from(vec![ + 189, 53, 155, 244, 203, 150, 255, 238, 135, 144, 186, 93, 6, 189, 184, 21, 150, + 210, 226, 61, 93, 154, 17, 218, 142, 250, 254, 193, 123, 132, 131, 195, + ])), + None, + Some(vec![1, 2, 3, 4]), + None, + None, + ) + .unwrap() + } + + #[test] + fn test_validate_no_hash() { + let header = make_header_without_hash(); + let req = RequestBuilder::new("", "", 0, "").request(); + assert!(req.validate_header( + &header, + &Key::new("tok", crate::SHA256).unwrap(), + Duration::from_secs(1000 * ONE_YEAR_IN_SECS) + )); + } + + #[test] + fn test_validate_hash_in_header() { + let header = make_header_with_hash(); + let req = RequestBuilder::new("", "", 0, "").request(); + assert!(req.validate_header( + &header, + &Key::new("tok", crate::SHA256).unwrap(), + Duration::from_secs(1000 * ONE_YEAR_IN_SECS) + )); + } + + #[test] + fn test_validate_hash_required_but_not_given() { + let header = make_header_without_hash(); + let hash = vec![1, 2, 3, 4]; + let req = RequestBuilder::new("", "", 0, "") + .hash(Some(&hash[..])) + .request(); + assert!(!req.validate_header( + &header, + &Key::new("tok", crate::SHA256).unwrap(), + Duration::from_secs(1000 * ONE_YEAR_IN_SECS) + )); + } + + #[test] + fn test_validate_hash_validated() { + let header = make_header_with_hash(); + let hash = vec![1, 2, 3, 4]; + let req = RequestBuilder::new("", "", 0, "") + .hash(Some(&hash[..])) + .request(); + assert!(req.validate_header( + &header, + &Key::new("tok", crate::SHA256).unwrap(), + Duration::from_secs(1000 * ONE_YEAR_IN_SECS) + )); + + // ..but supplying the wrong hash will cause validation to fail + let hash = vec![99, 99, 99, 99]; + let req = RequestBuilder::new("", "", 0, "") + .hash(Some(&hash[..])) + .request(); + assert!(!req.validate_header( + &header, + &Key::new("tok", crate::SHA256).unwrap(), + Duration::from_secs(1000 * ONE_YEAR_IN_SECS) + )); + } + + fn round_trip_bewit(req: Request, ts: SystemTime, expected: bool) { + let credentials = Credentials { + id: "me".to_string(), + key: Key::new("tok", crate::SHA256).unwrap(), + }; + + let bewit = req.make_bewit(&credentials, ts).unwrap(); + + // convert to a string and back + let bewit = bewit.to_str(); + let bewit = Bewit::from_str(&bewit).unwrap(); + + // and validate it maches the original request + assert_eq!(req.validate_bewit(&bewit, &credentials.key), expected); + } + + #[test] + fn test_validate_bewit() { + let req = RequestBuilder::new("GET", "foo.com", 443, "/x/y/z").request(); + round_trip_bewit(req, SystemTime::now() + Duration::from_secs(10 * 60), true); + } + + #[test] + fn test_validate_bewit_ext() { + let req = RequestBuilder::new("GET", "foo.com", 443, "/x/y/z") + .ext("abcd") + .request(); + round_trip_bewit(req, SystemTime::now() + Duration::from_secs(10 * 60), true); + } + + #[test] + fn test_validate_bewit_expired() { + let req = RequestBuilder::new("GET", "foo.com", 443, "/x/y/z").request(); + round_trip_bewit(req, SystemTime::now() - Duration::from_secs(10 * 60), false); + } +} diff --git a/third_party/rust/hawk/src/response.rs b/third_party/rust/hawk/src/response.rs new file mode 100644 index 0000000000..1709225021 --- /dev/null +++ b/third_party/rust/hawk/src/response.rs @@ -0,0 +1,320 @@ +use crate::credentials::Key; +use crate::error::*; +use crate::header::Header; +use crate::mac::{Mac, MacType}; + +/// A Response represents a response from an HTTP server. +/// +/// The structure is created from a request and then used to either create (server) or validate +/// (client) a `Server-Authentication` header. +/// +/// Like `Request`, Responses are built with `ResponseBuilders`. +/// +/// # Examples +/// +/// See the documentation in the crate root for examples. +#[derive(Debug, Clone)] +pub struct Response<'a> { + method: &'a str, + host: &'a str, + port: u16, + path: &'a str, + req_header: &'a Header, + hash: Option<&'a [u8]>, + ext: Option<&'a str>, +} + +impl<'a> Response<'a> { + /// Create a new Header for this response, based on the given request and request header + pub fn make_header(&self, key: &Key) -> Result
{ + let mac; + let ts = self.req_header.ts.ok_or(Error::MissingTs)?; + let nonce = self.req_header.nonce.as_ref().ok_or(Error::MissingNonce)?; + mac = Mac::new( + MacType::Response, + key, + ts, + nonce, + self.method, + self.host, + self.port, + self.path, + self.hash, + self.ext, + )?; + + // Per JS implementation, the Server-Authorization header includes only mac, hash, and ext + Header::new( + None, + None, + None, + Some(mac), + match self.ext { + None => None, + Some(v) => Some(v.to_string()), + }, + match self.hash { + None => None, + Some(v) => Some(v.to_vec()), + }, + None, + None, + ) + } + + /// Validate a Server-Authorization header. + /// + /// This checks that the MAC matches and, if a hash has been supplied locally, + /// checks that one was provided from the server and that it, too, matches. + pub fn validate_header(&self, response_header: &Header, key: &Key) -> bool { + // extract required fields, returning early if they are not present + let ts = match self.req_header.ts { + Some(ts) => ts, + None => { + return false; + } + }; + let nonce = match self.req_header.nonce { + Some(ref nonce) => nonce, + None => { + return false; + } + }; + let header_mac = match response_header.mac { + Some(ref mac) => mac, + None => { + return false; + } + }; + let header_ext = match response_header.ext { + Some(ref ext) => Some(&ext[..]), + None => None, + }; + let header_hash = match response_header.hash { + Some(ref hash) => Some(&hash[..]), + None => None, + }; + + // first verify the MAC + match Mac::new( + MacType::Response, + key, + ts, + nonce, + self.method, + self.host, + self.port, + self.path, + header_hash, + header_ext, + ) { + Ok(calculated_mac) => { + if &calculated_mac != header_mac { + return false; + } + } + Err(_) => { + return false; + } + }; + + // ..then the hashes + if let Some(local_hash) = self.hash { + if let Some(server_hash) = header_hash { + if local_hash != server_hash { + return false; + } + } else { + return false; + } + } + + // NOTE: the timestamp self.req_header.ts was generated locally, so + // there is no need to verify it + + true + } +} + +#[derive(Debug, Clone)] +pub struct ResponseBuilder<'a>(Response<'a>); + +impl<'a> ResponseBuilder<'a> { + /// Generate a new Response from a request header. + /// + /// This is more commonly accessed through `Request::make_response`. + pub fn from_request_header( + req_header: &'a Header, + method: &'a str, + host: &'a str, + port: u16, + path: &'a str, + ) -> Self { + ResponseBuilder(Response { + method, + host, + port, + path, + req_header, + hash: None, + ext: None, + }) + } + + /// Set the content hash for the response. + /// + /// This should always be calculated from the response payload, not copied from a header. + pub fn hash>>(mut self, hash: H) -> Self { + self.0.hash = hash.into(); + self + } + + /// Set the `ext` Hawk property for the response. + /// + /// This need only be set on the server; it is ignored in validating responses on the client. + pub fn ext>>(mut self, ext: S) -> Self { + self.0.ext = ext.into(); + self + } + + /// Get the response from this builder + pub fn response(self) -> Response<'a> { + self.0 + } +} + +#[cfg(all(test, any(feature = "use_ring", feature = "use_openssl")))] +mod test { + use super::ResponseBuilder; + use crate::credentials::Key; + use crate::header::Header; + use crate::mac::Mac; + use std::time::{Duration, UNIX_EPOCH}; + + fn make_req_header() -> Header { + Header::new( + None, + Some(UNIX_EPOCH + Duration::new(1353832234, 0)), + Some("j4h3g2"), + None, + None, + None, + None, + None, + ) + .unwrap() + } + + #[test] + fn test_validation_no_hash() { + let req_header = make_req_header(); + let resp = + ResponseBuilder::from_request_header(&req_header, "POST", "localhost", 9988, "/a/b") + .response(); + let mac: Mac = Mac::from(vec![ + 48, 133, 228, 163, 224, 197, 222, 77, 117, 81, 143, 73, 71, 120, 68, 238, 228, 40, 55, + 64, 190, 73, 102, 123, 79, 185, 199, 26, 62, 1, 137, 170, + ]); + let server_header = Header::new( + None, + None, + None, + Some(mac), + Some("server-ext"), + None, + None, + None, + ) + .unwrap(); + assert!(resp.validate_header(&server_header, &Key::new("tok", crate::SHA256).unwrap())); + } + + #[test] + fn test_validation_hash_in_header() { + // When a hash is provided in the response header, but no hash is added to the Response, + // it is ignored (so validation succeeds) + let req_header = make_req_header(); + let resp = + ResponseBuilder::from_request_header(&req_header, "POST", "localhost", 9988, "/a/b") + .response(); + let mac: Mac = Mac::from(vec![ + 33, 147, 159, 211, 184, 194, 189, 74, 53, 229, 241, 161, 215, 145, 22, 34, 206, 207, + 242, 100, 33, 193, 36, 96, 149, 133, 180, 4, 132, 87, 207, 238, + ]); + let server_header = Header::new( + None, + None, + None, + Some(mac), + Some("server-ext"), + Some(vec![1, 2, 3, 4]), + None, + None, + ) + .unwrap(); + assert!(resp.validate_header(&server_header, &Key::new("tok", crate::SHA256).unwrap())); + } + + #[test] + fn test_validation_hash_required_but_not_given() { + // When Response.hash is called, but no hash is in the hader, validation fails. + let req_header = make_req_header(); + let hash = vec![1, 2, 3, 4]; + let resp = + ResponseBuilder::from_request_header(&req_header, "POST", "localhost", 9988, "/a/b") + .hash(&hash[..]) + .response(); + let mac: Mac = Mac::from(vec![ + 48, 133, 228, 163, 224, 197, 222, 77, 117, 81, 143, 73, 71, 120, 68, 238, 228, 40, 55, + 64, 190, 73, 102, 123, 79, 185, 199, 26, 62, 1, 137, 170, + ]); + let server_header = Header::new( + None, + None, + None, + Some(mac), + Some("server-ext"), + None, + None, + None, + ) + .unwrap(); + assert!(!resp.validate_header(&server_header, &Key::new("tok", crate::SHA256).unwrap())); + } + + #[test] + fn test_validation_hash_validated() { + // When a hash is provided in the response header and the Response.hash method is called, + // the two must match + let req_header = make_req_header(); + let hash = vec![1, 2, 3, 4]; + let resp = + ResponseBuilder::from_request_header(&req_header, "POST", "localhost", 9988, "/a/b") + .hash(&hash[..]) + .response(); + let mac: Mac = Mac::from(vec![ + 33, 147, 159, 211, 184, 194, 189, 74, 53, 229, 241, 161, 215, 145, 22, 34, 206, 207, + 242, 100, 33, 193, 36, 96, 149, 133, 180, 4, 132, 87, 207, 238, + ]); + let server_header = Header::new( + None, + None, + None, + Some(mac), + Some("server-ext"), + Some(vec![1, 2, 3, 4]), + None, + None, + ) + .unwrap(); + assert!(resp.validate_header(&server_header, &Key::new("tok", crate::SHA256).unwrap())); + + // a different supplied hash won't match.. + let hash = vec![99, 99, 99, 99]; + let resp = + ResponseBuilder::from_request_header(&req_header, "POST", "localhost", 9988, "/a/b") + .hash(&hash[..]) + .response(); + assert!(!resp.validate_header(&server_header, &Key::new("tok", crate::SHA256).unwrap())); + } +} -- cgit v1.2.3