diff --git a/Cargo.toml b/Cargo.toml index 904dea39a..a4d56a376 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -474,7 +474,7 @@ features = ["std"] # PKCS#8 encoding [workspace.dependencies.pkcs8] version = "0.10.2" -features = ["std", "pkcs5", "encryption"] +features = ["alloc", "std", "pkcs5", "encryption"] # Public Suffix List [workspace.dependencies.psl] diff --git a/crates/config/src/sections/secrets.rs b/crates/config/src/sections/secrets.rs index 7886e9a57..6df4e63a2 100644 --- a/crates/config/src/sections/secrets.rs +++ b/crates/config/src/sections/secrets.rs @@ -132,7 +132,12 @@ impl From for KeyRaw { #[serde_as] #[derive(JsonSchema, Serialize, Deserialize, Clone, Debug)] pub struct KeyConfig { - kid: String, + /// The key ID `kid` of the key as used by JWKs. + /// + /// If not given, `kid` will be derived from the key by hex-encoding the + /// first four bytes of the key’s fingerprint. + #[serde(skip_serializing_if = "Option::is_none")] + kid: Option, #[schemars(with = "PasswordRaw")] #[serde_as(as = "serde_with::TryFromInto")] @@ -178,12 +183,24 @@ impl KeyConfig { None => PrivateKey::load(&key)?, }; + let kid = match self.kid.clone() { + Some(kid) => kid, + None => kid_from_key(&private_key)?, + }; + Ok(JsonWebKey::new(private_key) - .with_kid(self.kid.clone()) + .with_kid(kid) .with_use(mas_iana::jose::JsonWebKeyUse::Sig)) } } +/// Returns a kid derived from the given key. +fn kid_from_key(private_key: &PrivateKey) -> anyhow::Result { + let fingerprint = private_key.fingerprint()?; + let head = fingerprint.first_chunk::<4>().unwrap(); + Ok(hex::encode(head)) +} + /// Encryption config option. #[derive(Debug, Clone)] pub enum Encryption { @@ -322,7 +339,7 @@ impl SecretsConfig { .await .context("could not join blocking task")?; let rsa_key = KeyConfig { - kid: Alphanumeric.sample_string(&mut rng, 10), + kid: Some(Alphanumeric.sample_string(&mut rng, 10)), password: None, key: Key::Value(rsa_key.to_pem(pem_rfc7468::LineEnding::LF)?.to_string()), }; @@ -338,7 +355,7 @@ impl SecretsConfig { .await .context("could not join blocking task")?; let ec_p256_key = KeyConfig { - kid: Alphanumeric.sample_string(&mut rng, 10), + kid: Some(Alphanumeric.sample_string(&mut rng, 10)), password: None, key: Key::Value(ec_p256_key.to_pem(pem_rfc7468::LineEnding::LF)?.to_string()), }; @@ -354,7 +371,7 @@ impl SecretsConfig { .await .context("could not join blocking task")?; let ec_p384_key = KeyConfig { - kid: Alphanumeric.sample_string(&mut rng, 10), + kid: Some(Alphanumeric.sample_string(&mut rng, 10)), password: None, key: Key::Value(ec_p384_key.to_pem(pem_rfc7468::LineEnding::LF)?.to_string()), }; @@ -370,7 +387,7 @@ impl SecretsConfig { .await .context("could not join blocking task")?; let ec_k256_key = KeyConfig { - kid: Alphanumeric.sample_string(&mut rng, 10), + kid: Some(Alphanumeric.sample_string(&mut rng, 10)), password: None, key: Key::Value(ec_k256_key.to_pem(pem_rfc7468::LineEnding::LF)?.to_string()), }; @@ -383,7 +400,7 @@ impl SecretsConfig { pub(crate) fn test() -> Self { let rsa_key = KeyConfig { - kid: "abcdef".to_owned(), + kid: Some("abcdef".to_owned()), password: None, key: Key::Value( indoc::indoc! {r" @@ -402,7 +419,7 @@ impl SecretsConfig { ), }; let ecdsa_key = KeyConfig { - kid: "ghijkl".to_owned(), + kid: Some("ghijkl".to_owned()), password: None, key: Key::Value( indoc::indoc! {r" @@ -422,3 +439,68 @@ impl SecretsConfig { } } } + +#[cfg(test)] +mod tests { + use figment::{ + Figment, Jail, + providers::{Format, Yaml}, + }; + use mas_jose::constraints::Constrainable; + use tokio::{runtime::Handle, task}; + + use super::*; + + #[tokio::test] + async fn load_config_inline_secrets() { + task::spawn_blocking(|| { + Jail::expect_with(|jail| { + jail.create_file( + "config.yaml", + indoc::indoc! {r" + secrets: + encryption: >- + 0000111122223333444455556666777788889999aaaabbbbccccddddeeeeffff + keys: + - kid: lekid0 + key: | + -----BEGIN EC PRIVATE KEY----- + MHcCAQEEIOtZfDuXZr/NC0V3sisR4Chf7RZg6a2dpZesoXMlsPeRoAoGCCqGSM49 + AwEHoUQDQgAECfpqx64lrR85MOhdMxNmIgmz8IfmM5VY9ICX9aoaArnD9FjgkBIl + fGmQWxxXDSWH6SQln9tROVZaduenJqDtDw== + -----END EC PRIVATE KEY----- + - key: | + -----BEGIN EC PRIVATE KEY----- + MHcCAQEEIKlZz/GnH0idVH1PnAF4HQNwRafgBaE2tmyN1wjfdOQqoAoGCCqGSM49 + AwEHoUQDQgAEHrgPeG+Mt8eahih1h4qaPjhl7jT25cdzBkg3dbVks6gBR2Rx4ug9 + h27LAir5RqxByHvua2XsP46rSTChof78uw== + -----END EC PRIVATE KEY----- + "}, + )?; + + let config = Figment::new() + .merge(Yaml::file("config.yaml")) + .extract_inner::("secrets")?; + + Handle::current().block_on(async move { + assert_eq!( + config.encryption().await.unwrap(), + [ + 0, 0, 17, 17, 34, 34, 51, 51, 68, 68, 85, 85, 102, 102, 119, 119, 136, + 136, 153, 153, 170, 170, 187, 187, 204, 204, 221, 221, 238, 238, 255, + 255 + ] + ); + + let key_store = config.key_store().await.unwrap(); + assert!(key_store.iter().any(|k| k.kid() == Some("lekid0"))); + assert!(key_store.iter().any(|k| k.kid() == Some("040b0ab8"))); + }); + + Ok(()) + }); + }) + .await + .unwrap(); + } +} diff --git a/crates/keystore/src/lib.rs b/crates/keystore/src/lib.rs index 66de683f0..02ca98d1a 100644 --- a/crates/keystore/src/lib.rs +++ b/crates/keystore/src/lib.rs @@ -9,7 +9,11 @@ use std::{ops::Deref, sync::Arc}; use der::{Decode, Encode, EncodePem, zeroize::Zeroizing}; -use elliptic_curve::{pkcs8::EncodePrivateKey, sec1::ToEncodedPoint}; +use elliptic_curve::{ + pkcs8::{EncodePrivateKey, EncodePublicKey}, + sec1::ToEncodedPoint, +}; +use k256::sha2::{Digest, Sha256}; use mas_iana::jose::{JsonWebKeyType, JsonWebSignatureAlg}; pub use mas_jose::jwk::{JsonWebKey, JsonWebKeySet}; use mas_jose::{ @@ -179,6 +183,24 @@ impl PrivateKey { } } + /// Returns the fingerprint of the private key. + /// + /// The fingerprint is calculated as the SHA256 sum over the PKCS#8 ASN.1 + /// DER-encoded bytes of the private key’s corresponding public key. + /// + /// # Errors + /// + /// Errors if the DER representation of the public key can’t be derived. + pub fn fingerprint(&self) -> Result<[u8; 32], pkcs8::Error> { + let bytes = match self { + PrivateKey::Rsa(key) => key.to_public_key().to_public_key_der()?, + PrivateKey::EcP256(key) => key.public_key().to_public_key_der()?, + PrivateKey::EcP384(key) => key.public_key().to_public_key_der()?, + PrivateKey::EcK256(key) => key.public_key().to_public_key_der()?, + }; + Ok(Sha256::digest(bytes).into()) + } + /// Serialize the key as a DER document /// /// It will use the most common format depending on the key type: PKCS1 for diff --git a/docs/config.schema.json b/docs/config.schema.json index 6c4fadfcd..fd111ced1 100644 --- a/docs/config.schema.json +++ b/docs/config.schema.json @@ -1553,11 +1553,9 @@ "KeyConfig": { "description": "A single key with its key ID and optional password.", "type": "object", - "required": [ - "kid" - ], "properties": { "kid": { + "description": "The key ID `kid` of the key as used by JWKs.\n\nIf not given, `kid` will be derived from the key by hex-encoding the first four bytes of the key’s fingerprint.", "type": "string" }, "password_file": { diff --git a/docs/reference/configuration.md b/docs/reference/configuration.md index a4e7dcaaf..94cb2c5e2 100644 --- a/docs/reference/configuration.md +++ b/docs/reference/configuration.md @@ -197,35 +197,7 @@ secrets: # Signing keys keys: # It needs at least an RSA key to work properly - - kid: "ahM2bien" - key: | - -----BEGIN RSA PRIVATE KEY----- - MIIEowIBAAKCAQEAuf28zPUp574jDRdX6uN0d7niZCIUpACFo+Po/13FuIGsrpze - yMX6CYWVPalgXW9FCrhxL+4toJRy5npjkgsLFsknL5/zXbWKFgt69cMwsWJ9Ra57 - bonSlI7SoCuHhtw7j+sAlHAlqTOCAVz6P039Y/AGvO6xbC7f+9XftWlbbDcjKFcb - pQilkN9qtkdEH7TLayMAFOsgNvBlwF9+oj9w5PIk3veRTdBXI4GlHjhhzqGZKiRp - oP9HnycHHveyT+C33vuhQso5a3wcUNuvDVOixSqR4kvSt4UVWNK/KmEQmlWU1/m9 - ClIwrs8Q79q0xkGaSa0iuG60nvm7tZez9TFkxwIDAQABAoIBAHA5YkppQ7fJSm0D - wNDCHeyABNJWng23IuwZAOXVNxB1bjSOAv8yNgS4zaw/Hx5BnW8yi1lYZb+W0x2u - i5X7g91j0nkyEi5g88kJdFAGTsM5ok0BUwkHsEBjTUPIACanjGjya48lfBP0OGWK - LJU2Acbjda1aeUPFpPDXw/w6bieEthQwroq3DHCMnk6i9bsxgIOXeN04ij9XBmsH - KPCP2hAUnZSlx5febYfHK7/W95aJp22qa//eHS8cKQZCJ0+dQuZwLhlGosTFqLUm - qhPlt/b1EvPPY0cq5rtUc2W31L0YayVEHVOQx1fQIkH2VIUNbAS+bfVy+o6WCRk6 - s1XDhsECgYEA30tykVTN5LncY4eQIww2mW8v1j1EG6ngVShN3GuBTuXXaEOB8Duc - yT7yJt1ZhmaJwMk4agmZ1/f/ZXBtfLREGVzVvuwqRZ+LHbqIyhi0wQJA0aezPote - uTQnFn+IveHGtpQNDYGL/UgkexuCxbc2HOZG51JpunCK0TdtVfO/9OUCgYEA1TuS - 2WAXzNudRG3xd/4OgtkLD9AvfSvyjw2LkwqCMb3A5UEqw7vubk/xgnRvqrAgJRWo - jndgRrRnikHCavDHBO0GAO/kzrFRfw+e+r4jcLl0Yadke8ndCc7VTnx4wQCrMi5H - 7HEeRwaZONoj5PAPyA5X+N/gT0NNDA7KoQT45DsCgYBt+QWa6A5jaNpPNpPZfwlg - 9e60cAYcLcUri6cVOOk9h1tYoW7cdy+XueWfGIMf+1460Z90MfhP8ncZaY6yzUGA - 0EUBO+Tx10q3wIfgKNzU9hwgZZyU4CUtx668mOEqy4iHoVDwZu4gNyiobPsyDzKa - dxtSkDc8OHNV6RtzKpJOtQKBgFoRGcwbnLH5KYqX7eDDPRnj15pMU2LJx2DJVeU8 - ERY1kl7Dke6vWNzbg6WYzPoJ/unrJhFXNyFmXj213QsSvN3FyD1pFvp/R28mB/7d - hVa93vzImdb3wxe7d7n5NYBAag9+IP8sIJ/bl6i9619uTxwvgtUqqzKPuOGY9dnh - oce1AoGBAKZyZc/NVgqV2KgAnnYlcwNn7sRSkM8dcq0/gBMNuSZkfZSuEd4wwUzR - iFlYp23O2nHWggTkzimuBPtD7Kq4jBey3ZkyGye+sAdmnKkOjNILNbpIZlT6gK3z - fBaFmJGRJinKA+BJeH79WFpYN6SBZ/c3s5BusAbEU7kE5eInyazP - -----END RSA PRIVATE KEY----- + - key_file: keys/rsa_key - kid: "iv1aShae" key: | -----BEGIN EC PRIVATE KEY----- @@ -260,9 +232,7 @@ The following key types are supported: - ECDSA with the P-384 (`secp384r1`) curve - ECDSA with the K-256 (`secp256k1`) curve -Each entry must have a unique `kid`, plus the key itself. -The `kid` can be any case-sensitive string value as long as it is unique to this list; -a key’s `kid` value must be stable across restarts. +Each entry in the list corresponds to one signing key used by MAS. The key can either be specified inline (with the `key` property), or loaded from a file (with the `key_file` property). The following key formats are supported: @@ -271,8 +241,15 @@ The following key formats are supported: - PKCS#8 PEM or DER-encoded RSA or ECDSA private key, encrypted or not - SEC1 PEM or DER-encoded ECDSA private key +A [JWK Key ID] is automatically derived from each key. +To override this default, set `kid` to a custom value. +The `kid` can be any case-sensitive string value as long as it is unique to this list; +a key’s `kid` value must be stable across restarts. + For PKCS#8 encoded keys, the `password` or `password_file` properties can be used to decrypt the key. +[JWK Key ID]: + ## `passwords` Settings related to the local password database