From 87fbe71e376edfc8e8de098d5c6eff3d5a77e45e Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Fri, 30 Nov 2018 13:29:28 +0200 Subject: Change: try checking existing JWT tokent (does not work) --- effireg | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ effireg.pub | 1 + foo | Bin 0 -> 2348 bytes foo.pub | 1 + src/main.rs | 37 +++++++++++++++++++++++++------------ try.sh | 10 ++++++++++ 6 files changed, 88 insertions(+), 12 deletions(-) create mode 100644 effireg create mode 100644 effireg.pub create mode 100644 foo create mode 100644 foo.pub diff --git a/effireg b/effireg new file mode 100644 index 0000000..af212f6 --- /dev/null +++ b/effireg @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEA86bb67Yvj1ThG0VOtP07elmVNOAYl8ER7/XkYh6Q/KT0zLD9 +TQ81J7Q+cVoJeL4RhWBpXgpwXdfa5WZg1U6utJ4OOB+Lepgr8pmyAnv/Brd7tyWr +xSZPn/Z9AO5s8m2EjDxRIYzfiuenHoZweH+xTdLUax5Qyid9ggHm3F9X4lZA0M8z +yLUlSuCAfLZhPj3TsjQEsksxk2nR5ucwBmhsIPCOxN/r3yhJ+OZRyyPpVNYSkmjI +OlZlDFlxrXVnE1xdyGHgke98NQQUU5j2p0l2Zjuhojl4b/UkE2X+k1p2k4gaEx7e +Aa/VJNpab1fCnbMGADNSIiaZ10JNSQuqMFAXzWOZgPDXDZNmH85MZ6BTwdF1HtS5 +kg6bLGK7EiWHVxd9nGMRnlT+XpCSpDVH3pyRbi7QeeSpxKDvOkctxNO8vcTGN8ur +EG44TN5qKpv/BbsqEsw8nMldK9t8vh+W/qgQ7IIZt12Kbzz36MyFfVNfVarEPaCj +AuzVtc67vcBj2XkMcBIrJQSp8SwACVU6uU0r4XgqD5jBkDXz+BbQI46jjS8HZwyY +DFSMDs8tyelLuSl1VmC07c39xFdLceFGb8wzeFUyI5Dyf9Dd1O8E8kHCDwMEogDo +tf1Wm1u1Ii6CVeGx8HQyCS+AXLQXqTqjFt1Y1dVWYYdzZhL57/mtMWMCT8ECAwEA +AQKCAgBMBHAy31mBT4sX9gyzXRqUdqSdpZkmp58QDdieYEj9+f1Ca6nrw+XiqFKf +DOdNm4dd5JGbPIiITtNFpSZrBqxtP67SBc1/h0CW5SrrqYIMt2xK3N71mJlZIA8q +HjkxfcfP9PWfEROhg9rZJDqs7bIExNVvQjsUhzOaPzum37xMqnp4a10Nrq6e6OJN +hp1aTPHidGZOtjUWd/p8Hv8V0LiDomn4tKAjtK83j6xPQ7oFtPCAa16lDNVj//f+ +lVV+bd/4p8jn3x8Sb15kIqI52SquhMZOFb4kuAf0YWsG0D+Uke8IriW3wwMuB04V +1PysNPGXWGu0qfRve4kfVBtaDXMPDrgJtWUvzyk0fnCji0IC9Roi4KvrqScbUaUE +1l9GvUikB0VsmATT2ztMZmmetKB+7teoQtxzpmYe/NiNkK7utXuwE51DfTVoLmvu +OXsXre9SOEN4d3qhAA3ugzzYVCE531AcMJR1FKVo2aWEKOqYdtroXUzTJpprMC9y +546gxOQfDws4jLM1XJm0OF6I3BJXhZ7k7IjDZNOr6qPO0W86WEtuMTn83D93xr6g +YpHz1R/5XIw/GhaZhDqjAWiYX4wYHDkLmPnNAJ/4FRQO3BKzw+chYAL3c1jky3+e +Mm7hR0wBJLl6hfX284iF1i6lB/9Ear6uJJ8iZWdnfLc1CZJYLQKCAQEA9PT/+P6S +WnrILn+jNOkn0yxdJhPW+8KwpLXkf5vE/NTow/PSNyHcLHHMIzquKhXDituMpIT4 +F1nDxbwjv0u4FCxM1gYWgXrIztihByfHM906Azp2fGUTWyEUGdeca0T2Mo8aiHrE +c4jbHpFvD1vUucrQk6RYEapjrq60RYskPZd5fxKTEeX7AcfrdcSc8V98/8xvWflk +FZu4nNS+f6Adqyl1egi3N0xiyn30FSdJDtr4KwICmBQG8rRIs0PtATv2PrCyNfro +n+9rB4ujqYDo/FOD5laG2Q6DoTjYrYTHe0LSK0js9hOz4DV9R3fZfcIQKwXCCqYu +pXEMUVkkY37KewKCAQEA/qLLshWjy75C7szuI1sZTz0M6xjphcVvLNUB1cvBbGLM +L+58O33IhBC4/8JhNc7LI3rXW9q/jk6LNuRYr2wo1CqE0PGMYT3nxgxz0PI5JP3k +hZQgLc4idXqYKqPbeHxosDKKF+xghBDe10C4G+O8N/vtYUQGBc5JNz4qQfK7uUYD +Xj6skTLjuZ/ccQlYXDWEVaEqXMi/y16WHLkBzuWj7jdU4wZZIVnp9yj3YVpoRyCN +msd4Ah7uMt72C/jyvxeDlhv7Rv4TiULw6JyG696kTz9hf4RUv5cOPusx09xLM7+0 +hIyFPO+/LrYe/sTieAmAd1Thmk7mdzcfE6ezfoBH8wKCAQEA5nsf3kiprDia4iV2 +ivJWZnv3qTxBq+EkE9aRiQAn+TzbRoTD5twVLjxkt0EfXrnbo2uwiZwTUuVDL2o2 +uGembFTCdx6DTpEZIIbz/KeQ51vgmekIU0NHUxdssmQM6WGZxTig3omlDpBWnAx7 +Uxg0sBwE5OZdd0G7SUFYnZauIsXDq6zudIjQBHz3L3gvs20FUCorG51sbmh27BnA +pJUjVUlNH+XTflSBH8YjQ0QTmcaueskJZ85wOy0muoXPGrowmAvpoqDTAKllK1RY +ScThc4mhMbl4aAMgFzJFrf6hM3lMBy42x9MCDJRHrFc4bPuL+u8QBLUYbtJPpLsb +YgKKwQKCAQAFR7zvmXFHFU/wAcHia84vjXWKHn8hLgHrLROXqlz9cWMIj2p2FVqm +Gm6rpw06/2nI95AlsHiOa+SJI90O7jA+jg8pAglGLvFycumn6I30zWsCthqguIiQ +ZRVotPMlIXdOSA4DBvzNYEgusIHg2i0aABhhDvcNAcUU5y4bJfxskB4bwzLy49pD +DCSXF3mEl/uBhxEI0YTgo7p7J/74mlx24SDagFQy09l9LZVLqINHDk7Baed8K8YG +ugbiIqxt9//bigMA6t3e18uFF1HY7En99rN/4G+ddXVvKpNi8EuC7DPDF+Lfa51M +S6yC3fRQRuoqD1GKUJ6I1FTJpI2dTu2vAoIBAQDLl6VKTDsfrhnYIGW8ICIiDyPe +XTxMbP4eTnzK4sY3rp5Cp03pca+2H4fMh8h4+cMx5mSjHnAQ26Q8H05GXwrumbyq +uHe/ygJkPd2UdqfcqsNu5uKVEKJnmkwKlS48LORcgVDBNwcZbeMOjPvNSZsqq6Rj +UiM/hMbRSmi+aA6kRJ3zS8AtetGCrCgCKoSJSLnJY1sEolNFn7BRfEAe9SPQT5vT +G2+bxHsd3H1CIq/Z0G6ioBpmqMzZp6ku5oE1QN0f67Q7paAXHlosptjPPjMMCePU +mTlBFgZjHy2p0uIKi6aoekmmazDwOn+OpzVR0GHfOQnPgcQQQkaX9iy5qX6g +-----END RSA PRIVATE KEY----- \ No newline at end of file diff --git a/effireg.pub b/effireg.pub new file mode 100644 index 0000000..3f97d63 --- /dev/null +++ b/effireg.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDzptvrti+PVOEbRU60/Tt6WZU04BiXwRHv9eRiHpD8pPTMsP1NDzUntD5xWgl4vhGFYGleCnBd19rlZmDVTq60ng44H4t6mCvymbICe/8Gt3u3JavFJk+f9n0A7mzybYSMPFEhjN+K56cehnB4f7FN0tRrHlDKJ32CAebcX1fiVkDQzzPItSVK4IB8tmE+PdOyNASySzGTadHm5zAGaGwg8I7E3+vfKEn45lHLI+lU1hKSaMg6VmUMWXGtdWcTXF3IYeCR73w1BBRTmPanSXZmO6GiOXhv9SQTZf6TWnaTiBoTHt4Br9Uk2lpvV8KdswYAM1IiJpnXQk1JC6owUBfNY5mA8NcNk2YfzkxnoFPB0XUe1LmSDpssYrsSJYdXF32cYxGeVP5ekJKkNUfenJFuLtB55KnEoO86Ry3E07y9xMY3y6sQbjhM3moqm/8FuyoSzDycyV0r23y+H5b+qBDsghm3XYpvPPfozIV9U19VqsQ9oKMC7NW1zru9wGPZeQxwEislBKnxLAAJVTq5TSvheCoPmMGQNfP4FtAjjqONLwdnDJgMVIwOzy3J6Uu5KXVWYLTtzf3EV0tx4UZvzDN4VTIjkPJ/0N3U7wTyQcIPAwSiAOi1/VabW7UiLoJV4bHwdDIJL4BctBepOqMW3VjV1VZhh3NmEvnv+a0xYwJPwQ== \ No newline at end of file diff --git a/foo b/foo new file mode 100644 index 0000000..594c68b Binary files /dev/null and b/foo differ diff --git a/foo.pub b/foo.pub new file mode 100644 index 0000000..f1df50b --- /dev/null +++ b/foo.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDNrBHnlrtxlRd9tGZh/mqmX61OcYvvROaLmMlwjFbrAdQE/No23hW56LEGgs3Lnsw0OT2NSIYeq/jzAT8yrOT/yxw+Qoql105ki4l1A5z+nQScqQdO16gJp/KWf9AQVsRdCglB5CPIZxiuQ2UUIHDmpxwQRKjlDbDOAskSvUNEyu4UgUIiawxVFHz991GBaTtDyHiznM3W5R0c23t63Vj4wyfip3n5PdOskaTpARYHvzQHvtIXRyS08Qp/e1chTUHdDp/hbzoxCfesGGcdtSR9kjKOpO1R/KdRAzm3BTLFCnqZHDJ0jAcVbYeiGVWtqSXmO8qpa3Vi0l+vVcSbqU/1TwmkPfS/ExnZM0yHJkLcJUstGyV2/He82KQRzb2zXJJL2968vpr9iXsBKT1tiyIFa32iJknp354EMkMTkPv/6KoZH3VuA8hY2LYPMGZQqUygM2Uw/AcMLaeg+0Es9ZbdqzIU5gS7Nqj1buw3jKtPBCZberaws+Uf6OKT5j2asN7O4V/omiK2vASXQhNIW8Tez6K1OGEqIgtqTnrQ8TQEN2lH6GlUd2URkryihKPhw/gf2MvQUJ39awNzEzhPDEM3QtibImq+XOg9FQdutHX4KhnLRskJXwc0cF1fXuLEqdxAUJ3OI3/J99Sbw9aUbH5gWL4M2t5IMWf0vdNYJNdJsQ== \ No newline at end of file diff --git a/src/main.rs b/src/main.rs index b096410..c123572 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,11 +1,13 @@ use std::env; +use std::fs::File; +use std::io::Read; extern crate jsonwebtoken as jwt; #[macro_use] extern crate serde_derive; extern crate serde_json; -use jwt::dangerous_unsafe_decode; +use jwt::{decode, Validation, Algorithm}; #[derive(Debug, Serialize, Deserialize)] struct Claims { @@ -17,25 +19,36 @@ struct Claims { } fn main() { + println!("reading key"); + let mut f = File::open("foo").unwrap(); + let bufsize = 1024 * 1024; + + let mut key = vec![0; bufsize]; + f.read(&mut key).unwrap(); + println!("key len {}", key.len()); + + println!("finding tokens on command line"); let mut tokens = env::args(); tokens.next(); + for token in tokens { - decode_token(&token); + println!("token {}", token); + decode_token(&token, &key); } } -fn decode_token(token: &str) { - let data = - match dangerous_unsafe_decode::(&token) { - Ok(c) => c, - Err(err) => match *err.kind() { - _ => { - println!("{:?}", err); - panic!(); - }, +fn decode_token(token: &str, key: &[u8]) { + let v = Validation::new(Algorithm::RS512); + let data = match decode::(&token, key, &v) { + Ok(c) => c, + Err(err) => match *err.kind() { + _ => { + eprintln!("ERROR: {:?}", err); + panic!(); }, - }; + }, + }; let claims = data.claims; let j = serde_json::to_string_pretty(&claims).expect("JSON error"); println!("{}", j); diff --git a/try.sh b/try.sh index ff06826..41dbfcc 100755 --- a/try.sh +++ b/try.sh @@ -3,9 +3,19 @@ set -eu token="eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJpc3MiOiJlZmZpcmVnIiwic3ViIjoic3ViamVjdC11dWlkIiwiYXVkIjoiZWZmaXJlZyIsImV4cCI6MTU0MzE0MTEzNi45OTkwMjU4LCJzY29wZSI6InN1cGVyIn0.qufRElkQs3r75-W2_OBsfn64DuQ3kUJop8PTRh4bYvLqIm4uq4TmzgtmbWApFh0NbuLHidYnPlZs-VS7QqiVh8asvsiMZjgieT89H9KMad1dvB-5wjbN_X0sCmxQWlQ1xcgjY9jw0WW2pBxES1acsux_y0z3LaSoGvpT4-VpxcxDu_4lKHVJdOw5FACVHb6snwpRm4nMibzqR9ZpEkti8nF6UXB2Ji84F-fQx2C432MKsY8hWfVI5zbMBnfNbBqCzA41eJgaDzGQ5YnPwHag2Y9aBC3sVy3Wuhf8XzZB_FZQX2I_SQQRI2BGglWG9OzUtx21h_noglxzybC3uco2-b0bNQ09VBUiSDM9MWslk_H0tSPY4Tt8WGQAeApXAeAOYmh3MTdYHnXKQxpVVw8LQChxm0zBRaUYuzndLH7lOIBPj_bdnE_doxbDWFf5VCdSFAtFepXTcx1OlyzztzX-ZMr9_DHvrwcCLl3iAtpw5iW26EAw0ql0jlVIXToPw9YKtOc1LF0Y1JrfRiMpBWcMpZBrWU4CpbYE53APcCq5DNohmRwPiWYmN6A9veDonjCxJjIUSuuCODWb_QvnSd2spYoOlZGS4zO8nNNRuB45P5BEvY5Vt0F9iox8-l2zVmiWBbAA_M4kn5RoPHprymo5_m5QdGBlsM2uKtA2Br6JuTY" +token="eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJpc3MiOiJlZmZpcmVnIiwic3ViIjoic3ViamVjdC11dWlkIiwiYXVkIjoiZWZmaXJlZyIsImV4cCI6MTU0MzE2NDYwMy41NDg5Mzg1LCJzY29wZSI6InN1cGVyIn0.72lZ_pt5b0UNi-o6jFfu2Ahwt-32BE46BunNcGnV0lCBmo3mCH2gXVcxq20TNK18tLi1kuxFexvwkkbJTJgLY41eHqiWM7YtjSnrUSFNkRF4eOnDBlwp5xP4jRFs7t6_0mS1cqqtTKTfMoNXCU0Sf8L4w6BVBft5-xOvUjxNcm6P_du5IduvkACItPWiLWOFuQlyHRSsOTt5jGNrso54Kr7nEhVPRw05P46ZTknUzzTHFVlFZjTwvm76_hPSaNI2DSFXhtwpd4kVp4AEzhjsQCiXI4Ypmrxs2bBj9mP_8F0H7PvMdt_FJPb_x3I0AVNIRE0eRgNkZvXcMZ1jo3QDl8cPDMis68laAMKJoE-fDIMIQW-WIsvYrxeqSbT6NG6WOv-zvW0FybmAaQp8ZQpIJeS9Nn66HQyfL3UaHiGgJ7hj5mRVUarZaoyjHaJNvbREkc80cet2n0XEHyDoLDYzcPPco_hO9yn0dyPRbjh4015n14rIvev1kFse5RXd__QvlDJh0NxSODt2-5SOlxc50KcJPO0HDDd3v-CfuVKwX4U4NbXTiKqwiRfcsNXtm0pWpMsprWgw1HZJ2-hvo4nuKSYJNRwG61hHs0Kn1EVzJeXQ-GhP0Ofg2TFVRpHF26RejmUHt6iVcovPaxm2L10lXl9leOiMbIqHN2eNUV2481A" +token="eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJpc3MiOiJmb28iLCJzdWIiOiJzdWJqZWN0LXV1aWQiLCJhdWQiOiJmb28iLCJleHAiOjE1NDMxNjUxNTAuNTkxMjg1LCJzY29wZSI6InN1cGVyIn0.XTDAdCSi7RsM-GTxKYgAs3tSM_xsjms_kd2y3Yab3jMNjrBZV6-_NrlhHs16SkoeYFbxGQg_f9xtxVefgZ47JSSz82NTfxZYI8WgeW_EJSpoRb_rvhjsOQXQ95hscrBHpbpR0eXR4L81paIRR4r8p-B2kPeT5BeDMi8xNVYfYRrVDy_yNP_uCBms3-3jajaQ-Id_ZjHGvUs2mpbLSiIGmp0u6YjyeaTbsJlHkbR4jVFhbES8ofbV9fU1c4bwQYdB_YaBF1tvTWWfEIwwoKjNsXkZAe_s6PWxlI-rMViPEUsiOu3bPtSFf2lB94MGU9r1MJdD0RUEQFguL-h3scmBd4_S0iqqkTxZjDr4SZRdUHrLQb2_NV_Ymyk_njEaf4NjA3HxfDYH3TpwRaSTDbnyZSjnb435-RFiab1H-KsAob1GrrCzOeh01rS4YtNrCKtYafZHhHx3GHOwZmUeYPohK-jR95EHrSufpMIopIlzOW3PKdmb0639VULNu_N_Iz7eN9ogna4E1Ym3V9Uk3TimQ8j2Gmfe8L_zudlR5XE0Oz4CoF7lhi5nKmlRvJ7YqvGZw6tbMogITRNnfFLtGoEKo_QwbAvnpWBs7wB88DN_sAVE99sD2llLcNCAMrQaw6IdWKs9RNxt2nqqUaH9ZCHyZZLN7xDA-kQkt4uxlT4zXOk" echo ----------------------------------------------------------- echo "$token" | jwt-decode echo ----------------------------------------------------------- + +# openssl rsa -pubin \ +# -in effireg \ +# -inform PEM \ +# -RSAPublicKey_out \ +# -outform DER \ +# -out effireg.der + cargo run -q "$token" -- cgit v1.2.1