use agent
This commit is contained in:
@@ -1,19 +1,18 @@
|
||||
use agent_lib::{ed25519::Ed25519PrivKey, SharedPtr};
|
||||
use rustls::{pki_types::CertificateDer, server::{ClientHello, ResolvesServerCert}, sign::{CertifiedKey, Signer as TLSSigner, SigningKey}, SignatureAlgorithm, SignatureScheme};
|
||||
// use rustls_pki_types::CertificateDer;
|
||||
use std::{sync::Arc, fs, io::BufReader};
|
||||
use ed25519_dalek::Signer;
|
||||
use std::{fs, io::BufReader, ops::Deref, sync::Arc};
|
||||
|
||||
#[derive(Debug)]
|
||||
pub struct CertificateResolver {
|
||||
cert_filename: String,
|
||||
key: [u8; 32]
|
||||
key: Arc<Ed25519PrivKey>
|
||||
}
|
||||
|
||||
impl CertificateResolver {
|
||||
pub fn new(cert_filename: String, key: [u8; 32]) -> Self {
|
||||
pub fn new(cert_filename: String, key: Ed25519PrivKey) -> Self {
|
||||
Self {
|
||||
cert_filename,
|
||||
key
|
||||
key: Arc::new(key)
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -31,7 +30,7 @@ impl ResolvesServerCert for CertificateResolver {
|
||||
Some(Arc::new(CertifiedKey {
|
||||
cert: vec![cert],
|
||||
key: Arc::new(Ed25519Key{
|
||||
key: self.key
|
||||
key: self.key.clone()
|
||||
}),
|
||||
ocsp: None
|
||||
}))
|
||||
@@ -40,13 +39,13 @@ impl ResolvesServerCert for CertificateResolver {
|
||||
|
||||
#[derive(Debug)]
|
||||
struct Ed25519Key {
|
||||
key: [u8; 32]
|
||||
key: Arc<Ed25519PrivKey>
|
||||
}
|
||||
|
||||
impl SigningKey for Ed25519Key {
|
||||
fn choose_scheme(&self, offered: &[SignatureScheme]) -> Option<Box<dyn TLSSigner>> {
|
||||
if offered.contains(&SignatureScheme::ED25519) {
|
||||
Some(Box::new(Ed25519Signer::new(&self.key)))
|
||||
Some(Box::new(Ed25519Signer::new(self.key.clone())))
|
||||
} else {
|
||||
None
|
||||
}
|
||||
@@ -59,13 +58,13 @@ impl SigningKey for Ed25519Key {
|
||||
|
||||
#[derive(Debug)]
|
||||
struct Ed25519Signer {
|
||||
key: ed25519_dalek::SigningKey
|
||||
key: Arc<Ed25519PrivKey>
|
||||
}
|
||||
|
||||
impl Ed25519Signer {
|
||||
fn new(key: &[u8; 32]) -> Self {
|
||||
fn new(key: Arc<Ed25519PrivKey>) -> Self {
|
||||
Self {
|
||||
key: ed25519_dalek::SigningKey::from_bytes(key)
|
||||
key
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -76,6 +75,8 @@ impl TLSSigner for Ed25519Signer {
|
||||
}
|
||||
|
||||
fn sign(&self, message: &[u8]) -> Result<Vec<u8>, rustls::Error> {
|
||||
Ok(self.key.sign(message).to_vec())
|
||||
let mut msg = SharedPtr::new(message.len()).expect("SharedPtr allocation failed");
|
||||
msg.copy_from_slice(message);
|
||||
Ok(agent_lib::ed25519::ed25519_sign(self.key.deref(), &msg).to_vec())
|
||||
}
|
||||
}
|
||||
|
||||
@@ -3,15 +3,14 @@ mod certificate_resolver;
|
||||
use std::{error::Error, io::Write};
|
||||
use std::net::TcpListener;
|
||||
use std::sync::Arc;
|
||||
use agent_lib::ed25519::Ed25519PrivKey;
|
||||
use rustls::server::{ServerConfig, Acceptor};
|
||||
use certificate_resolver::CertificateResolver;
|
||||
|
||||
fn main() -> Result<(), Box<dyn Error>> {
|
||||
env_logger::init();
|
||||
|
||||
let ed25519_key = [67, 172, 227, 162, 104, 7, 219, 85, 140, 212, 238, 223, 8, 206, 63, 0, 91, 20, 173, 188, 82, 207, 110, 235, 3, 55, 237, 2, 25, 65, 40, 186];
|
||||
|
||||
let cert_resolver = Arc::new(CertificateResolver::new("./ed25519.crt".to_string(), ed25519_key));
|
||||
let cert_resolver = Arc::new(CertificateResolver::new("./ed25519.crt".to_string(), Ed25519PrivKey::from(&[0,0,0,0,0,0,0,0])));
|
||||
|
||||
let config = Arc::new(ServerConfig::builder()
|
||||
.with_no_client_auth()
|
||||
|
||||
Reference in New Issue
Block a user