From 0d895ba00286f88e6b2c57581a442bf5bebfca01 Mon Sep 17 00:00:00 2001 From: Conrad Ludgate Date: Wed, 7 Aug 2024 15:14:03 +0100 Subject: [PATCH] strip down supported algorithms to just RS256 and ES256 --- Cargo.lock | 101 ---------------------------------- proxy/Cargo.toml | 4 -- proxy/src/auth/backend/jwt.rs | 79 +------------------------- 3 files changed, 1 insertion(+), 183 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 986f672377..253b78d99d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1548,33 +1548,6 @@ dependencies = [ "typenum", ] -[[package]] -name = "curve25519-dalek" -version = "4.1.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97fb8b7c4503de7d6ae7b42ab72a5a59857b4c937ec27a3d4539dba95b5ab2be" -dependencies = [ - "cfg-if", - "cpufeatures", - "curve25519-dalek-derive", - "digest", - "fiat-crypto", - "rustc_version", - "subtle", - "zeroize", -] - -[[package]] -name = "curve25519-dalek-derive" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f46882e17999c6cc590af592290432be3bce0428cb0d5f8b6715e4dc7b383eb3" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.52", -] - [[package]] name = "darling" version = "0.20.1" @@ -1827,30 +1800,6 @@ dependencies = [ "spki 0.7.3", ] -[[package]] -name = "ed25519" -version = "2.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "115531babc129696a58c64a4fef0a8bf9e9698629fb97e9e40767d235cfbcd53" -dependencies = [ - "pkcs8 0.10.2", - "signature 2.2.0", -] - -[[package]] -name = "ed25519-dalek" -version = "2.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871" -dependencies = [ - "curve25519-dalek", - "ed25519", - "serde", - "sha2", - "subtle", - "zeroize", -] - [[package]] name = "either" version = "1.8.1" 
@@ -1889,7 +1838,6 @@ dependencies = [ "ff 0.13.0", "generic-array", "group 0.13.0", - "hkdf", "pem-rfc7468", "pkcs8 0.10.2", "rand_core 0.6.4", @@ -2057,12 +2005,6 @@ dependencies = [ "subtle", ] -[[package]] -name = "fiat-crypto" -version = "0.2.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28dea519a9695b9977216879a3ebfddf92f1c08c05d984f8996aecd6ecdc811d" - [[package]] name = "filetime" version = "0.2.22" @@ -2479,15 +2421,6 @@ version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6fe2267d4ed49bc07b63801559be28c718ea06c4738b7a03c94df7386d2cde46" -[[package]] -name = "hkdf" -version = "0.12.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b5f8eb2ad728638ea2c7d47a21db23b7b58a72ed6a38256b8a1849f15fbbdf7" -dependencies = [ - "hmac", -] - [[package]] name = "hmac" version = "0.12.1" @@ -2969,20 +2902,6 @@ dependencies = [ "simple_asn1", ] -[[package]] -name = "k256" -version = "0.13.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f01b677d82ef7a676aa37e099defd83a28e15687112cafdd112d60236b6115b" -dependencies = [ - "cfg-if", - "ecdsa 0.16.9", - "elliptic-curve 0.13.8", - "once_cell", - "sha2", - "signature 2.2.0", -] - [[package]] name = "kqueue" version = "1.0.7" @@ -3707,24 +3626,8 @@ version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "70786f51bcc69f6a4c0360e063a4cac5419ef7c5cd5b3c99ad70f3be5ba79209" dependencies = [ - "ecdsa 0.16.9", "elliptic-curve 0.13.8", "primeorder", - "sha2", -] - -[[package]] -name = "p521" -version = "0.13.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fc9e2161f1f215afdfce23677034ae137bbd45016a880c2eb3ba8eb95f085b2" -dependencies = [ - "base16ct 0.2.0", - "ecdsa 0.16.9", - "elliptic-curve 0.13.8", - "primeorder", - "rand_core 0.6.4", - "sha2", ] [[package]] 
@@ -4532,7 +4435,6 @@ dependencies = [ "crossbeam-deque", "dashmap", "ecdsa 0.16.9", - "ed25519-dalek", "env_logger", "fallible-iterator", "framed-websockets", @@ -4555,7 +4457,6 @@ dependencies = [ "itertools 0.10.5", "jose-jwa", "jose-jwk", - "k256", "lasso", "md5", "measured", @@ -4563,8 +4464,6 @@ dependencies = [ "once_cell", "opentelemetry", "p256 0.13.2", - "p384", - "p521", "parking_lot 0.12.1", "parquet", "parquet_derive", diff --git a/proxy/Cargo.toml b/proxy/Cargo.toml index 3624a04878..21d92abb20 100644 --- a/proxy/Cargo.toml +++ b/proxy/Cargo.toml @@ -110,10 +110,6 @@ jose-jwk = { version = "0.1.2", features = ["p256", "p384", "rsa"] } signature = "2" ecdsa = "0.16" p256 = "0.13" -p384 = "0.13" -p521 = "0.13" -k256 = "0.13" -ed25519-dalek = "2" rsa = "0.9" workspace_hack.workspace = true diff --git a/proxy/src/auth/backend/jwt.rs b/proxy/src/auth/backend/jwt.rs index 118677f70e..0994beca23 100644 --- a/proxy/src/auth/backend/jwt.rs +++ b/proxy/src/auth/backend/jwt.rs @@ -3,8 +3,6 @@ use std::{sync::Arc, time::Duration}; use anyhow::{bail, ensure, Context}; use arc_swap::ArcSwapOption; use dashmap::DashMap; -use hmac::digest::generic_array::GenericArray; -// use jose_jwa::S; use jose_jwk::crypto::KeyInfo; use tokio::time::Instant; @@ -235,9 +233,6 @@ impl JWKCache { jose_jwk::Key::Rsa(key) => { verify_rsa_signature(header_payload.as_bytes(), &sig, key, &jwk.prm.alg)?; } - jose_jwk::Key::Okp(key) => { - verify_okp_signature(header_payload.as_bytes(), &sig, key)?; - } key => bail!("unsupported key type {key:?}"), }; 
@@ -259,59 +254,12 @@ fn verify_ec_signature(data: &[u8], sig: &[u8], key: &jose_jwk::Ec) -> anyhow::R let sig = Signature::from_slice(sig)?; key.verify(data, &sig)?; } - jose_jwk::EcCurves::P384 => { - let pk = - p384::PublicKey::try_from(key).map_err(|_| anyhow::anyhow!("invalid P384 key"))?; - let key = p384::ecdsa::VerifyingKey::from(&pk); - let sig = Signature::from_slice(sig)?; - key.verify(data, &sig)?; - } - jose_jwk::EcCurves::P521 => { - ensure!(key.x.len() == 66 && key.y.len() == 66); - let x = GenericArray::from_slice(&key.x); - let y = GenericArray::from_slice(&key.y); - - let encoded = p521::EncodedPoint::from_affine_coordinates(x, y, false); - let key = p521::ecdsa::VerifyingKey::from_encoded_point(&encoded)?; - let sig = Signature::from_slice(sig)?; - key.verify(data, &sig)?; - } - jose_jwk::EcCurves::P256K => { - ensure!(key.x.len() == 32 && key.y.len() == 32); - let x = GenericArray::from_slice(&key.x); - let y = GenericArray::from_slice(&key.y); - - let encoded = k256::EncodedPoint::from_affine_coordinates(x, y, false); - let key = k256::ecdsa::VerifyingKey::from_encoded_point(&encoded)?; - let sig = Signature::from_slice(sig)?; - key.verify(data, &sig)?; - } key => bail!("unsupported ec key type {key:?}"), } Ok(()) } -fn verify_okp_signature(data: &[u8], sig: &[u8], key: &jose_jwk::Okp) -> anyhow::Result<()> { - use ed25519_dalek::Signature; - use signature::Verifier; - - match key.crv { - jose_jwk::OkpCurves::Ed25519 => { - let x = <&[u8; 32]>::try_from(&**key.x)?; - let key = ed25519_dalek::VerifyingKey::from_bytes(x)?; - let sig = Signature::from_slice(sig)?; - key.verify(data, &sig)?; - } - // jose_jwk::OkpCurves::Ed448 => todo!(), - // jose_jwk::OkpCurves::X25519 => todo!(), - // jose_jwk::OkpCurves::X448 => todo!(), - key => bail!("unsupported octet key pair curve type {key:?}"), - } - - Ok(()) -} - fn verify_rsa_signature( data: &[u8], sig: &[u8], 
@@ -319,42 +267,17 @@ fn verify_rsa_signature( alg: &Option, ) -> anyhow::Result<()> { use jose_jwa::{Algorithm, Signing}; - use rsa::{Pkcs1v15Sign, Pss, RsaPublicKey}; + use rsa::{Pkcs1v15Sign, RsaPublicKey}; use sha2::Digest; let key = RsaPublicKey::try_from(key).map_err(|_| anyhow::anyhow!("invalid RSA key"))?; match alg { - Some(Algorithm::Signing(Signing::Ps256)) => { - let hashed = sha2::Sha256::digest(data); - let scheme = Pss::new::(); - key.verify(scheme, &hashed, sig)?; - } - Some(Algorithm::Signing(Signing::Ps384)) => { - let hashed = sha2::Sha384::digest(data); - let scheme = Pss::new::(); - key.verify(scheme, &hashed, sig)?; - } - Some(Algorithm::Signing(Signing::Ps512)) => { - let hashed = sha2::Sha512::digest(data); - let scheme = Pss::new::(); - key.verify(scheme, &hashed, sig)?; - } Some(Algorithm::Signing(Signing::Rs256)) => { let hashed = sha2::Sha256::digest(data); let scheme = Pkcs1v15Sign::new::(); key.verify(scheme, &hashed, sig)?; } - Some(Algorithm::Signing(Signing::Rs384)) => { - let hashed = sha2::Sha384::digest(data); - let scheme = Pkcs1v15Sign::new::(); - key.verify(scheme, &hashed, sig)?; - } - Some(Algorithm::Signing(Signing::Rs512)) => { - let hashed = sha2::Sha512::digest(data); - let scheme = Pkcs1v15Sign::new::(); - key.verify(scheme, &hashed, sig)?; - } _ => bail!("invalid RSA signing algorithm"), };
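Review bot: The catch-all arm `_ => bail!("invalid RSA signing algorithm")` in `verify_rsa_signature` gives the same message for a JWK that carries no `alg` at all and for one naming a dropped algorithm (PS256/384/512, RS384/512), so an operator cannot tell an incomplete JWKS from a disallowed algorithm. Failing closed is the right behaviour for an allowlist, but I would split the arm into `None => bail!("RSA JWK has no alg; only RS256 is accepted"),` and `Some(alg) => bail!("unsupported RSA signing algorithm {alg:?}"),` (assuming `Algorithm` implements `Debug`). The value matched here is the JWK's own parameter (`&jwk.prm.alg` at the call site in the earlier hunk), so it is worth confirming that the token header's `alg` is also compared against it, which this hunk does not show. The diffstat lists no test changes; a negative test that a PS256- or RS384-tagged key is rejected would pin the allowlist. The function body starts before and continues past this hunk.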