diff --git a/plugins/authenticator/Cargo.toml b/plugins/authenticator/Cargo.toml
index 6d4098cd..042927ad 100644
--- a/plugins/authenticator/Cargo.toml
+++ b/plugins/authenticator/Cargo.toml
@@ -18,7 +18,7 @@ thiserror.workspace = true
 authenticator = "0.3.1"
 once_cell = "1"
 sha2 = "0.10"
-base64 = { version = "^0.21.0" }
+base64 = "0.21"
 u2f = "0.2"
 chrono = "0.4"
diff --git a/plugins/authenticator/src/auth.rs b/plugins/authenticator/src/auth.rs
index d7508478..c334173d 100644
--- a/plugins/authenticator/src/auth.rs
+++ b/plugins/authenticator/src/auth.rs
@@ -6,7 +6,7 @@ use authenticator::{
 authenticatorservice::AuthenticatorService, statecallback::StateCallback, AuthenticatorTransports, KeyHandle, RegisterFlags, SignFlags, StatusUpdate,
 };
-use base64::{decode_config, encode_config, URL_SAFE_NO_PAD};
+use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine};
 use once_cell::sync::Lazy;
 use serde::Serialize;
 use sha2::{Digest, Sha256};
@@ -75,9 +75,9 @@ pub fn register(application: String, timeout: u64, challenge: String) -> crate::
 let (key_handle, public_key) = _u2f_get_key_handle_and_public_key_from_register_response(®ister_data).unwrap();
- let key_handle_base64 = encode_config(key_handle, URL_SAFE_NO_PAD);
- let public_key_base64 = encode_config(public_key, URL_SAFE_NO_PAD);
- let register_data_base64 = encode_config(®ister_data, URL_SAFE_NO_PAD);
+ let key_handle_base64 = URL_SAFE_NO_PAD.encode(key_handle);
+ let public_key_base64 = URL_SAFE_NO_PAD.encode(public_key);
+ let register_data_base64 = URL_SAFE_NO_PAD.encode(®ister_data);
 println!("Key Handle: {}", &key_handle_base64);
 println!("Public Key: {}", &public_key_base64);
@@ -108,7 +108,7 @@ pub fn sign(
 challenge: String,
 key_handle: String,
 ) -> crate::Result {
- let credential = match decode_config(key_handle, URL_SAFE_NO_PAD) {
+ let credential = match URL_SAFE_NO_PAD.decode(key_handle) {
 Ok(v) => v,
 Err(e) => {
 return Err(e.into());
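Review bot: The `.unwrap()` on the result of `_u2f_get_key_handle_and_public_key_from_register_response(...)`, in the context line just above the changed encodes, aborts the host process if the authenticator's register response does not parse. `register` already returns `crate::Result`, so the failure can be returned to the caller instead, for example with `?` if the helper's error type converts into the crate error (the helper is not visible here, so that conversion needs checking). The same pattern appears as `sign_result.unwrap()` in the `@@ -152,19` hunk of `sign`. The body of `register` starts and ends outside this hunk.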
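Review bot: `sign` has no doc comment stating the encoding it accepts for `key_handle`, and `URL_SAFE_NO_PAD.decode(key_handle)` is strict about it. The `URL_SAFE_NO_PAD` engine in base64 0.21 decodes with `DecodePaddingMode::RequireNone`, so a handle that arrives with trailing `=` padding is returned as an error rather than decoded. A line such as `/// key_handle must be URL-safe base64 without padding; padded input is rejected.` would make that contract explicit. The same applies to the `challenge`, `key_handle` and `pub_key` decodes in the u2f.rs hunks. The `match` opened here closes outside the hunk.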
@@ -152,19 +152,16 @@ pub fn sign(
 let (_, handle_used, sign_data, device_info) = sign_result.unwrap();
- let sig = encode_config(sign_data, URL_SAFE_NO_PAD);
+ let sig = URL_SAFE_NO_PAD.encode(sign_data);
 println!("Sign result: {sig}");
- println!(
- "Key handle used: {}",
- encode_config(&handle_used, URL_SAFE_NO_PAD)
- );
+ println!("Key handle used: {}", URL_SAFE_NO_PAD.encode(&handle_used));
 println!("Device info: {}", &device_info);
 println!("Done.");
 let res = serde_json::to_string(&Signature {
 sign_data: sig,
- key_handle: encode_config(&handle_used, URL_SAFE_NO_PAD),
+ key_handle: URL_SAFE_NO_PAD.encode(&handle_used),
 })?;
 Ok(res)
 }
diff --git a/plugins/authenticator/src/u2f.rs b/plugins/authenticator/src/u2f.rs
index 026917ca..e8bd5de9 100644
--- a/plugins/authenticator/src/u2f.rs
+++ b/plugins/authenticator/src/u2f.rs
@@ -2,7 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-License-Identifier: MIT
-use base64::{decode_config, encode_config, URL_SAFE_NO_PAD};
+use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine};
 use chrono::prelude::*;
 use serde::Serialize;
 use std::convert::Into;
@@ -15,7 +15,7 @@ static VERSION: &str = "U2F_V2";
 pub fn make_challenge(app_id: &str, challenge_bytes: Vec) -> Challenge {
 let utc: DateTime = Utc::now();
 Challenge {
- challenge: encode_config(challenge_bytes, URL_SAFE_NO_PAD),
+ challenge: URL_SAFE_NO_PAD.encode(challenge_bytes),
 timestamp: format!("{utc:?}"),
 app_id: app_id.to_string(),
 }
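Review bot: The rewritten `println!("Key handle used: {}", ...)` line, together with `println!("Sign result: {sig}")` above it, writes the signature and the key handle to the host application's stdout, where they end up in whatever captures the process output. In plugin library code these values are better emitted through a debug-level logger or not at all; the `println!` calls for the key handle and public key in the `register` hunk have the same issue. The handle is also base64-encoded twice in this hunk. Binding it once with `let key_handle = URL_SAFE_NO_PAD.encode(&handle_used);` and reusing it in the `Signature` literal avoids the duplicate work. `sign` starts outside this hunk.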
@@ -35,10 +35,10 @@ pub fn verify_registration(
 register_data: String,
 client_data: String,
 ) -> crate::Result {
- let challenge_bytes = decode_config(challenge, URL_SAFE_NO_PAD)?;
+ let challenge_bytes = URL_SAFE_NO_PAD.decode(challenge)?;
 let challenge = make_challenge(&app_id, challenge_bytes);
 let client_data_bytes: Vec = client_data.as_bytes().into();
- let client_data_base64 = encode_config(client_data_bytes, URL_SAFE_NO_PAD);
+ let client_data_base64 = URL_SAFE_NO_PAD.encode(client_data_bytes);
 let client = U2f::new(app_id);
 match client.register_response(
 challenge,
@@ -50,8 +50,8 @@ pub fn verify_registration(
 ) {
 Ok(v) => {
 let rv = RegistrationVerification {
- key_handle: encode_config(&v.key_handle, URL_SAFE_NO_PAD),
- pubkey: encode_config(&v.pub_key, URL_SAFE_NO_PAD),
+ key_handle: URL_SAFE_NO_PAD.encode(&v.key_handle),
+ pubkey: URL_SAFE_NO_PAD.encode(&v.pub_key),
 device_name: v.device_name,
 };
 Ok(serde_json::to_string(&rv)?)
@@ -74,12 +74,12 @@ pub fn verify_signature(
 key_handle: String,
 pub_key: String,
 ) -> crate::Result {
- let challenge_bytes = decode_config(challenge, URL_SAFE_NO_PAD)?;
+ let challenge_bytes = URL_SAFE_NO_PAD.decode(challenge)?;
 let chal = make_challenge(&app_id, challenge_bytes);
 let client_data_bytes: Vec = client_data.as_bytes().into();
- let client_data_base64 = encode_config(client_data_bytes, URL_SAFE_NO_PAD);
- let key_handle_bytes = decode_config(&key_handle, URL_SAFE_NO_PAD)?;
- let pubkey_bytes = decode_config(pub_key, URL_SAFE_NO_PAD)?;
+ let client_data_base64 = URL_SAFE_NO_PAD.encode(client_data_bytes);
+ let key_handle_bytes = URL_SAFE_NO_PAD.decode(&key_handle)?;
+ let pubkey_bytes = URL_SAFE_NO_PAD.decode(pub_key)?;
 let client = U2f::new(app_id);
 let mut _counter: u32 = 0;
 match client.sign_response(
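Review bot: The `Challenge` passed to `register_response` is rebuilt by `make_challenge(&app_id, challenge_bytes)` at verification time, and `make_challenge` stamps it with `Utc::now()`, so its timestamp records when verification ran rather than when the challenge was issued. If the u2f crate checks challenge age against that timestamp (not visible here), the check can never reject a stale challenge. Either the issue time should come from the caller, or the function should carry a comment such as `// timestamp is set at verification time; callers must bound challenge lifetime themselves`. `verify_signature` builds `chal` the same way in the `@@ -74,12` hunk. The function starts before and continues after this hunk.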
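Review bot: `let mut _counter: u32 = 0;` in `verify_signature` starts the signature counter at zero on every call, and the function takes no previous counter value in the parameters visible here. The U2F counter only helps detect a cloned authenticator when the newly reported value is compared with the last one stored for that key handle. If this fresh zero is what reaches `sign_response` (the call's arguments are outside the hunk), that comparison is effectively disabled. It would be worth accepting the stored counter from the caller and returning the updated one, or at least adding `// NOTE: counter is not persisted; clone detection is not enforced here`.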