Verify response signature

Author: Flavio Oliveira

README.md

@@ -7,8 +7,6 @@ Yubikey client API library, [validation protocol version 2.0](https://developers
 Enables integration with the Yubico validation platform, so you can use Yubikey's one-time-password in your Rust application,
 allowing a user to authenticate via Yubikey.
 
-IMPORTANT: WIP, signature verification hasn't been implemented yet.
-
 # Usage
 
 Add this to your Cargo.toml

src/lib.rs

@@ -11,16 +11,16 @@ use yubicoerror::YubicoError;
 use hyper::Client;
 use hyper::header::{Headers};
 use std::io::prelude::*;
-use base64::{encode};
+use base64::{encode, decode};
 use crypto::mac::{Mac};
 use crypto::hmac::Hmac;
 use crypto::sha1::Sha1;
 use rand::{thread_rng, Rng};
-use std::collections::HashMap;
 use threadpool::ThreadPool;
+use std::collections::BTreeMap;
 use std::sync::mpsc::{ channel, Sender };
-
 use url::percent_encoding::{utf8_percent_encode, SIMPLE_ENCODE_SET};
+
 define_encode_set! {
     /// This encode set is used in the URL parser for query strings.
     pub QUERY_ENCODE_SET = [SIMPLE_ENCODE_SET] | {'+', '='}
@@ -52,15 +52,15 @@ pub struct Request {
 #[derive(Clone)]
 pub struct Yubico {
     client_id: String,
-    key: String,
+    key: Vec<u8>,
 }
 
 impl Yubico {
     /// Creates a new Yubico instance.
     pub fn new(client_id: String, key: String) -> Self {
         Yubico {
             client_id: client_id,
-            key: key,
+            key: decode(key.as_ref()).unwrap(),
         }
     }
 
@@ -71,10 +71,14 @@ impl Yubico {
             _ => {
                 // TODO: use OsRng to generate a most secure nonce
                 let nonce: String = thread_rng().gen_ascii_chars().take(40).collect();
-                let mut query = format!("id={}&otp={}&nonce={}&sl=secure", self.client_id, otp, nonce);
+                let mut query = format!("id={}&nonce={}&otp={}&sl=secure", self.client_id, nonce, otp);
 
                 let signature = self.build_signature(query.clone());
-                query.push_str(signature.as_ref());
+
+                // Append the value under key h to the message.
+                let signature_param = format!("&h={}", signature);
+                let encoded = utf8_percent_encode(signature_param.as_ref(), QUERY_ENCODE_SET).collect::<String>();
+                query.push_str(encoded.as_ref());
 
                 let request = Request {otp: otp, nonce: nonce, signature: signature, query: query};
 
@@ -119,13 +123,11 @@ impl Yubico {
 
     //  1. Apply the HMAC-SHA-1 algorithm on the line as an octet string using the API key as key
     //  2. Base 64 encode the resulting value according to RFC 4648
-    //  3. Append the value under key h to the message.
     fn build_signature(&self, query: String) -> String {
-        let mut hmac = Hmac::new(Sha1::new(), self.key.as_bytes());
+        let mut hmac = Hmac::new(Sha1::new(), &self.key[..]);
         hmac.input(query.as_bytes());
         let signature = encode(hmac.result().code());
-        let signature_str = format!("&h={}", signature);
-        utf8_percent_encode(signature_str.as_ref(), QUERY_ENCODE_SET).collect::<String>()
+        format!("{}", signature)
     }
 
     // Recommendation is that clients only check that the input consists of 32-48 printable characters
@@ -137,7 +139,13 @@ impl Yubico {
         let url = format!("{}?{}", api_host, request.query);
         match self.get(url) {
             Ok(result) => {
-                let response_map: HashMap<String, String> = self.build_response_map(result);
+                let response_map: BTreeMap<String, String> = self.build_response_map(result);
+
+                // Signature located in the response must match the signature we will build
+                let signature_response : &str = &*response_map.get("h").unwrap();
+                if !self.is_same_signature(signature_response, response_map.clone()) {
+                    sender.send(Response::Signal(Err(YubicoError::SignatureMismatch))).unwrap();
+                }
 
                 // Check if "otp" in the response is the same as the "otp" supplied in the request.
                 let otp_response : &str = &*response_map.get("otp").unwrap();
@@ -173,8 +181,25 @@ impl Yubico {
         }
     }
 
-    fn build_response_map(&self, result: String) -> HashMap<String, String> {
-        let mut parameters = HashMap::new();
+    // Remove the signature itself from the values over for verification.
+    // Sort the key/value pairs.
+    fn is_same_signature(&self, signature_response: &str, mut response_map: BTreeMap<String, String>) -> bool {
+        response_map.remove("h");
+
+        let mut query = String::new();
+        for (key, value) in response_map {
+            let param = format!("{}={}&", key, value);
+            query.push_str(param.as_ref());
+        }
+        query.pop(); // remove last &
+
+        let signature = self.build_signature(query.clone());
+
+        if signature == signature_response { true } else { false }
+    }
+
+    fn build_response_map(&self, result: String) -> BTreeMap<String, String> {
+        let mut parameters = BTreeMap::new();
         for line in result.lines() {
             let param: Vec<&str> = line.splitn(2, '=').collect();
             if param.len() > 1 {
@@ -187,7 +212,7 @@ impl Yubico {
     pub fn get(&self, url: String) -> Result<String> {
         let client = Client::new();
         let mut custom_headers = Headers::new();
-        custom_headers.set(UserAgent("yubico-rs".to_owned()));
+        custom_headers.set(UserAgent("github.com/wisespace-io/yubico-rs".to_owned()));
 
         let mut response = String::new();
         let mut res = try!(client.get(&url).headers(custom_headers).send());