From 5ea7d34daec1e40ada9f46009ecb9e73efd5f605 Mon Sep 17 00:00:00 2001 From: Sonny Scroggin Date: Fri, 5 Jan 2024 10:23:19 -0600 Subject: [PATCH] Remove openssl and use rsa directly --- native/nowayjose/Cargo.lock | 274 ++++++++++++++++++++++++++++------ native/nowayjose/Cargo.toml | 4 +- native/nowayjose/Cross.toml | 4 + native/nowayjose/src/rsa.rs | 49 ++++-- native/nowayjose/src/serde.rs | 2 + 5 files changed, 272 insertions(+), 61 deletions(-) create mode 100644 native/nowayjose/Cross.toml diff --git a/native/nowayjose/Cargo.lock b/native/nowayjose/Cargo.lock index 1afbb0d..d84ff7c 100644 --- a/native/nowayjose/Cargo.lock +++ b/native/nowayjose/Cargo.lock @@ -24,10 +24,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" [[package]] -name = "bitflags" -version = "1.3.2" +name = "base64ct" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" [[package]] name = "bumpalo" @@ -35,6 +35,12 @@ version = "3.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "37ccbd214614c6783386c1af30caf03192f17891059cecc394b4fb119e363de3" +[[package]] +name = "byteorder" +version = "1.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" + [[package]] name = "cc" version = "1.0.73" 
@@ -48,19 +54,62 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] -name = "foreign-types" -version = "0.3.2" +name = "const-oid" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "28c122c3980598d243d63d9a704629a2d748d101f278052ff068be5a4423ab6f" + +[[package]] +name = "crypto-common" +version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" dependencies = [ - "foreign-types-shared", + "generic-array", + "typenum", ] [[package]] -name = "foreign-types-shared" -version = "0.1.1" +name = "der" +version = "0.7.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" +checksum = "fffa369a668c8af7dbf8b5e56c9f744fbd399949ed171606040001947de40b1c" +dependencies = [ + "const-oid", + "pem-rfc7468", + "zeroize", +] + +[[package]] +name = "digest" +version = "0.10.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292" +dependencies = [ + "const-oid", + "crypto-common", +] + +[[package]] +name = "generic-array" +version = "0.14.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" +dependencies = [ + "typenum", + "version_check", +] + +[[package]] +name = "getrandom" +version = "0.2.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "be4136b2a15dd319360be1c07d9933517ccf0be8f16bf62a3bee4f0d618df427" +dependencies = [ + "cfg-if", + "libc", + "wasi", +] [[package]] name = "heck" 
@@ -102,12 +151,21 @@ name = "lazy_static" version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" +dependencies = [ + "spin", +] [[package]] name = "libc" -version = "0.2.126" +version = "0.2.149" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "349d5a591cd28b49e1d1037471617a32ddcda5731b99419008085f72d5a53836" +checksum = "a08173bc88b7955d1b3145aa561539096c421ac8debde8cbc3612ec635fee29b" + +[[package]] +name = "libm" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4ec2a862134d2a7d32d7983ddcdd1c4923530833c9f2ea1a44fc5fa473989058" [[package]] name = "log" @@ -130,10 +188,12 @@ version = "0.1.0" dependencies = [ "jsonwebtoken", "once_cell", - "openssl", + "rand", + "rsa", "rustler", "serde", "serde_json", + "zeroize", ] [[package]] @@ -147,6 +207,23 @@ dependencies = [ "num-traits", ] +[[package]] +name = "num-bigint-dig" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc84195820f291c7697304f3cbdadd1cb7199c0efc917ff5eafd71225c136151" +dependencies = [ + "byteorder", + "lazy_static", + "libm", + "num-integer", + "num-iter", + "num-traits", + "rand", + "smallvec", + "zeroize", +] + [[package]] name = "num-integer" version = "0.1.45" @@ -157,6 +234,17 @@ dependencies = [ "num-traits", ] +[[package]] +name = "num-iter" +version = "0.1.43" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d03e6c028c5dc5cac6e2dec0efda81fc887605bb3d884578bb6d6bf7514e252" +dependencies = [ + "autocfg", + "num-integer", + "num-traits", +] + [[package]] name = "num-traits" version = "0.2.15" @@ -164,6 +252,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" dependencies = [ "autocfg", + "libm", ] [[package]] 
@@ -182,58 +271,49 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" [[package]] -name = "openssl" -version = "0.10.40" +name = "pem" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb81a6430ac911acb25fe5ac8f1d2af1b4ea8a4fdfda0f1ee4292af2e2d8eb0e" +checksum = "e9a3b09a20e374558580a4914d3b7d89bd61b954a5a5e1dcbea98753addb1947" dependencies = [ - "bitflags", - "cfg-if", - "foreign-types", - "libc", - "once_cell", - "openssl-macros", - "openssl-sys", + "base64", ] [[package]] -name = "openssl-macros" -version = "0.1.0" +name = "pem-rfc7468" +version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c" +checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412" dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.96", + "base64ct", ] [[package]] -name = "openssl-sys" -version = "0.9.74" +name = "pkcs1" +version = "0.7.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "835363342df5fba8354c5b453325b110ffd54044e588c539cf2f20a8014e4cb1" +checksum = "c8ffb9f10fa047879315e6625af03c164b16962a5368d724ed16323b68ace47f" dependencies = [ - "autocfg", - "cc", - "libc", - "pkg-config", - "vcpkg", + "der", + "pkcs8", + "spki", ] [[package]] -name = "pem" -version = "1.0.2" +name = "pkcs8" +version = "0.10.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e9a3b09a20e374558580a4914d3b7d89bd61b954a5a5e1dcbea98753addb1947" +checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" dependencies = [ - "base64", + "der", + "spki", ] [[package]] -name = "pkg-config" -version = "0.3.25" +name = "ppv-lite86" +version = "0.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = 
"1df8c4ec4b0627e53bdf214615ad287367e482558cf84b109250b37464dc03ae" +checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" [[package]] name = "proc-macro2" @@ -253,6 +333,36 @@ dependencies = [ "proc-macro2", ] +[[package]] +name = "rand" +version = "0.8.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" +dependencies = [ + "libc", + "rand_chacha", + "rand_core", +] + +[[package]] +name = "rand_chacha" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" +dependencies = [ + "ppv-lite86", + "rand_core", +] + +[[package]] +name = "rand_core" +version = "0.6.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" +dependencies = [ + "getrandom", +] + [[package]] name = "regex" version = "1.10.2" @@ -297,6 +407,26 @@ dependencies = [ "winapi", ] +[[package]] +name = "rsa" +version = "0.9.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5d0e5124fcb30e76a7e79bfee683a2746db83784b86289f6251b54b7950a0dfc" +dependencies = [ + "const-oid", + "digest", + "num-bigint-dig", + "num-integer", + "num-traits", + "pkcs1", + "pkcs8", + "rand_core", + "signature", + "spki", + "subtle", + "zeroize", +] + [[package]] name = "rustler" version = "0.30.0" @@ -367,6 +497,16 @@ dependencies = [ "serde", ] +[[package]] +name = "signature" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e1788eed21689f9cf370582dfc467ef36ed9c707f073528ddafa8d83e3b8500" +dependencies = [ + "digest", + "rand_core", +] + [[package]] name = "simple_asn1" version = "0.6.2" 
@@ -379,12 +519,34 @@ dependencies = [ "time", ] +[[package]] +name = "smallvec" +version = "1.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "942b4a808e05215192e39f4ab80813e599068285906cc91aa64f923db842bd5a" + [[package]] name = "spin" version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" +[[package]] +name = "spki" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d91ed6c858b01f942cd56b37a94b3e0a1798290327d1236e4d9cf4eaca44d29d" +dependencies = [ + "base64ct", + "der", +] + +[[package]] +name = "subtle" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" + [[package]] name = "syn" version = "1.0.96" @@ -445,6 +607,12 @@ version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "42657b1a6f4d817cda8e7a0ace261fe0cc946cf3a80314390b22cc61ae080792" +[[package]] +name = "typenum" +version = "1.17.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825" + [[package]] name = "unicode-ident" version = "1.0.1" @@ -467,10 +635,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" [[package]] -name = "vcpkg" -version = "0.2.15" +name = "version_check" +version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" [[package]] name = "void" 
@@ -478,6 +646,12 @@ version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a02e4885ed3bc0f2de90ea6dd45ebcbb66dacffe03547fadbb0eeae2770887d" +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + [[package]] name = "wasm-bindgen" version = "0.2.81" @@ -563,3 +737,9 @@ name = "winapi-x86_64-pc-windows-gnu" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "zeroize" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "525b4ec142c6b68a2d10f01f7bbf6755599ca3f81ea53b8431b7dd348f5fdb2d" diff --git a/native/nowayjose/Cargo.toml b/native/nowayjose/Cargo.toml index 12c5b36..156bdc2 100644 --- a/native/nowayjose/Cargo.toml +++ b/native/nowayjose/Cargo.toml @@ -12,10 +12,12 @@ crate-type = ["cdylib"] [dependencies] jsonwebtoken = "8" once_cell = "1.18.0" -openssl = "0.10" +rand = "0.8.5" +rsa = { version = "0.9.6", features = ["pem"] } rustler = { version = "0.30", default-features = false, features = ["derive", "nif_version_2_15"] } serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" +zeroize = "1.7.0" [profile.release] lto = true diff --git a/native/nowayjose/Cross.toml b/native/nowayjose/Cross.toml new file mode 100644 index 0000000..8ba543c --- /dev/null +++ b/native/nowayjose/Cross.toml @@ -0,0 +1,4 @@ +[build.env] +passthrough = [ + "RUSTLER_NIF_VERSION" +] diff --git a/native/nowayjose/src/rsa.rs b/native/nowayjose/src/rsa.rs index ea97564..5a8dab1 100644 --- a/native/nowayjose/src/rsa.rs +++ b/native/nowayjose/src/rsa.rs 
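Review bot: `zeroize = "1.7.0"` is added as a direct dependency, but no source hunk in this patch imports or calls it, so the private key bytes it was presumably meant to protect are still left unwiped. In `src/rsa.rs` the serialized key is copied out of the encoder's return value into a plain `Vec<u8>` (`.to_bytes().to_vec()` for DER, `(*pem).clone().into_bytes()` for PEM). As far as I know the pkcs1 encoders return wipe-on-drop wrappers, and these copies escape them and are freed with the key material still in memory. Hold the intermediate buffer in the wrapper the new dependency provides, e.g. `let bytes = zeroize::Zeroizing::new(match output { … });`, or copy from the encoder's borrowed bytes straight into the `OwnedBinary`. If neither is intended, drop the direct dependency so the manifest does not suggest a protection the code lacks.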
@@ -1,4 +1,7 @@ -use openssl::rsa::Rsa; +use rsa::{ + pkcs1::{EncodeRsaPrivateKey, LineEnding}, + RsaPrivateKey, +}; use rustler::{Error, NifUnitEnum, OwnedBinary}; use std::io::Write as _; @@ -9,17 +12,37 @@ pub enum OutputFormat { } #[rustler::nif(name = "generate_rsa", schedule = "DirtyCpu")] -pub fn generate(bits: u32, output: OutputFormat) -> Result { - Rsa::generate(bits) - .and_then(|private| match output { - OutputFormat::Der => private.private_key_to_der(), - OutputFormat::Pem => private.private_key_to_pem(), - }) - .and_then(|bytes| { - let mut binary = OwnedBinary::new(bytes.len()).unwrap(); - binary.as_mut_slice().write_all(&bytes).unwrap(); +pub fn generate(bits: usize, output: OutputFormat) -> Result { + let mut rng = rand::thread_rng(); - Ok(binary) - }) - .map_err(|_| Error::Atom("openssl_error")) + let private_key = RsaPrivateKey::new(&mut rng, bits) + .map_err(|_| Error::Atom("Failed to generate RSA key"))?; + + let bytes: Vec = match output { + OutputFormat::Der => private_key + .to_pkcs1_der() + .map_err(|_| Error::Atom("failed to serialize key to DER"))? + .to_bytes() + .to_vec(), + OutputFormat::Pem => { + #[cfg(unix)] + let line_ending = LineEnding::LF; + #[cfg(windows)] + let line_ending = LineEnding::CRLF; + + let pem = private_key + .to_pkcs1_pem(line_ending) + .map_err(|_| Error::Atom("failed to serialize key to PEM"))?; + (*pem).clone().into_bytes() + } + }; + + let mut binary = + OwnedBinary::new(bytes.len()).ok_or(Error::Atom("failed to allocate memory for binary"))?; + binary + .as_mut_slice() + .write_all(&bytes) + .map_err(|_| Error::Atom("failed to write to binary"))?; + + Ok(binary) } diff --git a/native/nowayjose/src/serde.rs b/native/nowayjose/src/serde.rs index 0e61c9c..415b709 100644 --- a/native/nowayjose/src/serde.rs +++ b/native/nowayjose/src/serde.rs 
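Review bot: `bits` goes from the NIF argument straight into `RsaPrivateKey::new(&mut rng, bits)` with no range check, so a caller can request a modulus too small to be safe, or one large enough to hold a `DirtyCpu` scheduler thread for a long time. Reject out-of-policy sizes before generating, for example `if !(2048..=8192).contains(&bits) { return Err(Error::BadArg); }`; the bounds here are illustrative and should match what the project supports. The removed OpenSSL path had no such check either, so this is not a regression, but the rewrite is the natural place to add it.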
@@ -3,6 +3,8 @@ mod error; mod ser; mod utils; +#[allow(unused_imports)] pub use de::{from_term, Deserializer}; pub use error::Error; +#[allow(unused_imports)] pub use ser::{to_term, Serializer};
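Review bot: Both `#[allow(unused_imports)]` attributes silence the lint for the whole `pub use` line without saying why, so a later reader cannot tell whether the re-export is dead or kept on purpose. If only one name per line is unused (presumably `Deserializer` and `Serializer`, which cannot be confirmed from this hunk), split the re-export so the allow covers just that item, e.g. `pub use de::from_term;` followed by `#[allow(unused_imports)] pub use de::Deserializer;`. Otherwise add a one-line comment above each attribute stating the reason, such as `// kept as public API; not referenced inside the crate`.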