Allow library users to bring their own crypto providers

Author: jcgruenhage

src/account.rs

@@ -4,7 +4,6 @@ use std::sync::Arc;
 #[cfg(feature = "time")]
 use std::time::{Duration, SystemTime};
 
-use base64::prelude::{BASE64_URL_SAFE_NO_PAD, Engine};
 use http::header::LOCATION;
 #[cfg(feature = "time")]
 use http::header::USER_AGENT;
@@ -22,17 +21,17 @@ use serde::{Deserialize, Serialize};
 
 #[cfg(feature = "hyper-rustls")]
 use crate::DefaultClient;
+use crate::crypto::{CryptoProvider, key_thumbprint};
 use crate::order::Order;
 use crate::types::{
-    AccountCredentials, AuthorizationStatus, Empty, Header, JoseJson, Jwk, KeyOrKeyId, NewAccount,
+    AccountCredentials, AuthorizationStatus, Empty, Header, JoseJson, KeyOrKeyId, NewAccount,
     NewAccountPayload, NewOrder, OrderState, Problem, ProfileMeta, RevocationRequest, Signer,
-    SigningAlgorithm,
 };
 #[cfg(feature = "time")]
 use crate::types::{CertificateIdentifier, RenewalInfo};
 #[cfg(feature = "time")]
 use crate::{BodyWrapper, CRATE_USER_AGENT, retry_after};
-use crate::{BytesResponse, Client, Error, HttpClient, crypto, nonce_from_response};
+use crate::{BytesResponse, Client, Error, HttpClient, nonce_from_response};
 
 /// An ACME account as described in RFC 8555 (section 7.1.2)
 ///
@@ -55,6 +54,7 @@ impl Account {
     pub fn builder() -> Result<AccountBuilder, Error> {
         Ok(AccountBuilder {
             http: Box::new(DefaultClient::try_new()?),
+            crypto: CryptoProvider::builtin(),
         })
     }
 
@@ -73,14 +73,43 @@ impl Account {
         match roots.add(root_der) {
             Ok(()) => Ok(AccountBuilder {
                 http: Box::new(DefaultClient::with_roots(roots)?),
+                crypto: CryptoProvider::builtin(),
             }),
             Err(err) => Err(Error::Other(err.into())),
         }
     }
 
     /// Create an account builder with the given HTTP client
+    #[cfg(any(feature = "ring", feature = "aws-lc-rs"))]
     pub fn builder_with_http(http: Box<dyn HttpClient>) -> AccountBuilder {
-        AccountBuilder { http }
+        AccountBuilder {
+            http,
+            crypto: CryptoProvider::builtin(),
+        }
+    }
+
+    /// Create an account builder with the given [`CryptoProvider`] and default HTTP client
+    ///
+    /// Use this when you need a custom crypto backend but are fine with the default
+    /// HTTP client. For a custom HTTP client too, use
+    /// [`Account::builder_with_crypto_and_http()`] instead.
+    #[cfg(feature = "hyper-rustls")]
+    pub fn builder_with_crypto(crypto: &'static CryptoProvider) -> Result<AccountBuilder, Error> {
+        Ok(AccountBuilder {
+            http: Box::new(DefaultClient::try_new()?),
+            crypto,
+        })
+    }
+
+    /// Create an account builder with the given [`CryptoProvider`] and HTTP client
+    ///
+    /// Use this when you need both a custom crypto backend and a custom HTTP client.
+    /// For the default HTTP client, use [`Account::builder_with_crypto()`] instead.
+    pub fn builder_with_crypto_and_http(
+        crypto: &'static CryptoProvider,
+        http: Box<dyn HttpClient>,
+    ) -> AccountBuilder {
+        AccountBuilder { http, crypto }
     }
 
     /// Create a new order based on the given [`NewOrder`]
@@ -227,15 +256,15 @@ impl Account {
         struct NewKey<'a> {
             account: &'a str,
             #[serde(rename = "oldKey")]
-            old_key: Jwk,
+            old_key: &'a serde_json::Value,
         }
 
-        let (new_key, new_key_pkcs8) = Key::generate_pkcs8()?;
+        let (new_key, new_key_pkcs8) = Key::generate_pkcs8_with(self.inner.key.provider)?;
         let mut header = new_key.header(Some("nonce"), new_key_url);
         header.nonce = None;
         let payload = NewKey {
             account: &self.inner.id,
-            old_key: Jwk::new(&self.inner.key.inner),
+            old_key: &self.inner.key.jwk,
         };
 
         let body = JoseJson::new(Some(&payload), header, &new_key)?;
@@ -353,10 +382,11 @@ impl AccountInner {
     async fn from_credentials(
         credentials: AccountCredentials,
         http: Box<dyn HttpClient>,
+        crypto: &'static CryptoProvider,
     ) -> Result<Self, Error> {
         Ok(Self {
             id: credentials.id,
-            key: Key::from_pkcs8_der(credentials.key_pkcs8)?,
+            key: Key::from_pkcs8_der_with(credentials.key_pkcs8, crypto)?,
             client: Arc::new(match (credentials.directory, credentials.urls) {
                 (Some(directory_url), _) => Client::new(directory_url, http).await?,
                 (None, Some(directory)) => Client {
@@ -390,20 +420,20 @@ impl AccountInner {
 }
 
 impl Signer for AccountInner {
-    type Signature = <Key as Signer>::Signature;
+    type Signature = Vec<u8>;
 
     fn header<'n, 'u: 'n, 's: 'u>(&'s self, nonce: Option<&'n str>, url: &'u str) -> Header<'n> {
         debug_assert!(nonce.is_some());
         Header {
-            alg: self.key.signing_algorithm,
+            alg: &self.key.alg,
             key: KeyOrKeyId::KeyId(&self.id),
             nonce,
             url,
         }
     }
 
-    fn sign(&self, payload: &[u8]) -> Result<Self::Signature, Error> {
-        self.key.sign(payload)
+    fn sign(&self, payload: &[u8]) -> Result<Vec<u8>, Error> {
+        self.key.inner.sign(payload)
     }
 }
 
@@ -412,16 +442,27 @@ impl Signer for AccountInner {
 /// Create one via [`Account::builder()`] or [`Account::builder_with_http()`].
 pub struct AccountBuilder {
     http: Box<dyn HttpClient>,
+    crypto: &'static CryptoProvider,
 }
 
 impl AccountBuilder {
+    /// Override the [`CryptoProvider`] for this builder
+    ///
+    /// By default, the builder uses [`CryptoProvider::builtin()`].
+    pub fn crypto_provider(mut self, provider: &'static CryptoProvider) -> Self {
+        self.crypto = provider;
+        self
+    }
+
     /// Restore an existing account from the given credentials
     ///
     /// The [`AccountCredentials`] type is opaque, but supports deserialization.
     #[allow(clippy::wrong_self_convention)]
     pub async fn from_credentials(self, credentials: AccountCredentials) -> Result<Account, Error> {
         Ok(Account {
-            inner: Arc::new(AccountInner::from_credentials(credentials, self.http).await?),
+            inner: Arc::new(
+                AccountInner::from_credentials(credentials, self.http, self.crypto).await?,
+            ),
         })
     }
 
@@ -435,7 +476,7 @@ impl AccountBuilder {
         directory_url: String,
         external_account: Option<&ExternalAccountKey>,
     ) -> Result<(Account, AccountCredentials), Error> {
-        let (key, key_pkcs8) = Key::generate_pkcs8()?;
+        let (key, key_pkcs8) = Key::generate_pkcs8_with(self.crypto)?;
         Self::create_inner(
             account,
             (key, key_pkcs8),
@@ -512,7 +553,7 @@ impl AccountBuilder {
         Ok(Account {
             inner: Arc::new(AccountInner {
                 id,
-                key: Key::from_pkcs8_der(key_pkcs8_der)?,
+                key: Key::from_pkcs8_der_with(key_pkcs8_der, self.crypto)?,
                 client: Arc::new(Client::new(directory_url, self.http).await?),
             }),
         })
@@ -529,7 +570,7 @@ impl AccountBuilder {
             external_account_binding: external_account
                 .map(|eak| {
                     JoseJson::new(
-                        Some(&Jwk::new(&key.inner)),
+                        Some(&key.jwk),
                         eak.header(None, &client.directory.new_account),
                         eak,
                     )
@@ -577,68 +618,93 @@ impl AccountBuilder {
 
 /// Private account key used to sign requests
 pub struct Key {
-    rng: crypto::SystemRandom,
-    signing_algorithm: SigningAlgorithm,
-    inner: crypto::EcdsaKeyPair,
+    inner: Arc<dyn crate::crypto::AccountKey>,
+    pub(crate) provider: &'static CryptoProvider,
+    jwk: serde_json::Value,
+    alg: String,
     pub(crate) thumb: String,
 }
 
 impl Key {
-    /// Generate a new ECDSA P-256 key pair
+    /// Generate a new key pair using the built-in [`CryptoProvider`]
+    #[cfg(any(feature = "ring", feature = "aws-lc-rs"))]
     #[deprecated(since = "0.8.3", note = "use `generate_pkcs8()` instead")]
     pub fn generate() -> Result<(Self, PrivateKeyDer<'static>), Error> {
         let (key, pkcs8) = Self::generate_pkcs8()?;
         Ok((key, PrivateKeyDer::Pkcs8(pkcs8)))
     }
 
-    /// Generate a new ECDSA P-256 key pair
+    /// Generate a new key pair using the built-in [`CryptoProvider`]
+    #[cfg(any(feature = "ring", feature = "aws-lc-rs"))]
     pub fn generate_pkcs8() -> Result<(Self, PrivatePkcs8KeyDer<'static>), Error> {
-        let rng = crypto::SystemRandom::new();
-        let pkcs8 =
-            crypto::EcdsaKeyPair::generate_pkcs8(&crypto::ECDSA_P256_SHA256_FIXED_SIGNING, &rng)
-                .map_err(|_| Error::Crypto)?;
+        Self::generate_pkcs8_with(CryptoProvider::builtin())
+    }
+
+    /// Generate a new key pair using the given [`CryptoProvider`]
+    ///
+    /// The key type depends on the provider. The built-in providers use ECDSA P-256.
+    pub fn generate_pkcs8_with(
+        provider: &'static CryptoProvider,
+    ) -> Result<(Self, PrivatePkcs8KeyDer<'static>), Error> {
+        let (key, pkcs8) = provider.account_key.generate_key()?;
+        let thumb = key_thumbprint(key.as_ref(), provider.sha256)?;
+        let jwk = key.to_jwk()?;
+        let alg = key.jws_algorithm().to_owned();
         Ok((
-            Self::new(pkcs8.as_ref(), rng)?,
-            PrivatePkcs8KeyDer::from(pkcs8.as_ref().to_vec()),
+            Self {
+                inner: key,
+                provider,
+                jwk,
+                alg,
+                thumb,
+            },
+            pkcs8,
         ))
     }
 
-    /// Create a new key from the given PKCS#8 DER-encoded private key
-    ///
-    /// Currently, only ECDSA P-256 keys are supported.
+    /// Create a key from the given PKCS#8 DER-encoded private key using the built-in
+    /// [`CryptoProvider`]
+    #[cfg(any(feature = "ring", feature = "aws-lc-rs"))]
     pub fn from_pkcs8_der(pkcs8_der: PrivatePkcs8KeyDer<'_>) -> Result<Self, Error> {
-        Self::new(pkcs8_der.secret_pkcs8_der(), crypto::SystemRandom::new())
+        Self::from_pkcs8_der_with(pkcs8_der, CryptoProvider::builtin())
     }
 
-    fn new(pkcs8_der: &[u8], rng: crypto::SystemRandom) -> Result<Self, Error> {
-        let inner = crypto::p256_key_pair_from_pkcs8(pkcs8_der, &rng)?;
-        let thumb = BASE64_URL_SAFE_NO_PAD.encode(Jwk::thumb_sha256(&inner)?);
+    /// Create a key from the given PKCS#8 DER-encoded private key using the given
+    /// [`CryptoProvider`]
+    pub fn from_pkcs8_der_with(
+        pkcs8_der: PrivatePkcs8KeyDer<'_>,
+        provider: &'static CryptoProvider,
+    ) -> Result<Self, Error> {
+        let owned = PrivatePkcs8KeyDer::from(pkcs8_der.secret_pkcs8_der().to_vec());
+        let key = provider.account_key.load_key(owned)?;
+        let thumb = key_thumbprint(key.as_ref(), provider.sha256)?;
+        let jwk = key.to_jwk()?;
+        let alg = key.jws_algorithm().to_owned();
         Ok(Self {
-            rng,
-            signing_algorithm: SigningAlgorithm::Es256,
-            inner,
+            inner: key,
+            provider,
+            jwk,
+            alg,
             thumb,
         })
     }
 }
 
 impl Signer for Key {
-    type Signature = crypto::Signature;
+    type Signature = Vec<u8>;
 
     fn header<'n, 'u: 'n, 's: 'u>(&'s self, nonce: Option<&'n str>, url: &'u str) -> Header<'n> {
         debug_assert!(nonce.is_some());
         Header {
-            alg: self.signing_algorithm,
-            key: KeyOrKeyId::from_key(&self.inner),
+            alg: &self.alg,
+            key: KeyOrKeyId::Key(&self.jwk),
             nonce,
             url,
         }
     }
 
-    fn sign(&self, payload: &[u8]) -> Result<Self::Signature, Error> {
-        self.inner
-            .sign(&self.rng, payload)
-            .map_err(|_| Error::Crypto)
+    fn sign(&self, payload: &[u8]) -> Result<Vec<u8>, Error> {
+        self.inner.sign(payload)
     }
 }
 
@@ -647,36 +713,48 @@ impl Signer for Key {
 /// See RFC 8555 section 7.3.4 for more information.
 pub struct ExternalAccountKey {
     id: String,
-    key: crypto::hmac::Key,
+    key_value: Vec<u8>,
+    provider: &'static CryptoProvider,
 }
 
 impl ExternalAccountKey {
-    /// Create a new external account key
+    /// Create a new external account key using the built-in [`CryptoProvider`]
     ///
     /// Note that the `key_value` argument represents the raw key value, so if the caller holds
     /// an encoded key value (for example, using base64), decode it before passing it in.
+    #[cfg(any(feature = "ring", feature = "aws-lc-rs"))]
     pub fn new(id: String, key_value: &[u8]) -> Self {
+        Self::new_with(id, key_value, CryptoProvider::builtin())
+    }
+
+    /// Create a new external account key using the given [`CryptoProvider`]
+    ///
+    /// Note that the `key_value` argument represents the raw key value, so if the caller holds
+    /// an encoded key value (for example, using base64), decode it before passing it in.
+    pub fn new_with(id: String, key_value: &[u8], provider: &'static CryptoProvider) -> Self {
         Self {
             id,
-            key: crypto::hmac::Key::new(crypto::hmac::HMAC_SHA256, key_value),
+            key_value: key_value.to_vec(),
+            provider,
         }
     }
 }
 
 impl Signer for ExternalAccountKey {
-    type Signature = crypto::hmac::Tag;
+    type Signature = Vec<u8>;
 
     fn header<'n, 'u: 'n, 's: 'u>(&'s self, nonce: Option<&'n str>, url: &'u str) -> Header<'n> {
         debug_assert_eq!(nonce, None);
         Header {
-            alg: SigningAlgorithm::Hs256,
+            alg: "HS256",
             key: KeyOrKeyId::KeyId(&self.id),
             nonce,
             url,
         }
     }
 
-    fn sign(&self, payload: &[u8]) -> Result<Self::Signature, Error> {
-        Ok(crypto::hmac::sign(&self.key, payload))
+    fn sign(&self, payload: &[u8]) -> Result<Vec<u8>, Error> {
+        let tag = self.provider.hmac_sha256.sign(&self.key_value, payload);
+        Ok((*tag).as_ref().to_vec())
     }
 }