MarketTakers/arbiter
5
0
Fork 0
Code Issues 27 Pull Requests 5 Packages Projects Releases Wiki Activity

feat(user-agent-auth): add RSA and ECDSA auth key types
Some checks failed
ci/woodpecker/pr/server-lint Pipeline failed
Details
ci/woodpecker/pr/server-audit Pipeline failed
Details
ci/woodpecker/pr/server-test Pipeline failed
Details
ci/woodpecker/pr/server-vet Pipeline failed
Details

Browse Source 
Extend user-agent authentication to support Ed25519, ECDSA (secp256k1), and RSA (PSS+SHA-256) with minimal protocol and storage changes. Add key_type to auth requests and useragent_client, update key parsing/signature verification paths, and keep backward compatibility by treating UNSPECIFIED as Ed25519.
This commit is contained in:
CleverWild
2026-03-14 12:14:30 +01:00
parent a3c401194f
commit 6030f30901
20 changed files with 556 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
server/crates/arbiter-server/src/db/models.rs
View File

@@ -12,8 +12,6 @@ use diesel::{prelude::*, sqlite::Sqlite};
use restructed::Models;
pub mod types {
use std::os::unix;
use chrono::{DateTime, Utc};
use diesel::{
deserialize::{FromSql, FromSqlRow},
@@ -74,6 +72,43 @@ pub mod types {
Ok(SqliteTimestamp(datetime))
}
}
/// Key algorithm stored in the `useragent_client.key_type` column.
/// Values must stay stable — they are persisted in the database.
#[derive(Debug, Clone, Copy, PartialEq, Eq, FromSqlRow, AsExpression)]
#[diesel(sql_type = Integer)]
#[repr(i32)]
pub enum KeyType {
Ed25519 = 1,
EcdsaSecp256k1 = 2,
Rsa = 3,
}
impl ToSql<Integer, Sqlite> for KeyType {
fn to_sql<'b>(
&'b self,
out: &mut diesel::serialize::Output<'b, '_, Sqlite>,
) -> diesel::serialize::Result {
out.set_value(*self as i32);
Ok(IsNull::No)
}
}
impl FromSql<Integer, Sqlite> for KeyType {
fn from_sql(
mut bytes: <Sqlite as diesel::backend::Backend>::RawValue<'_>,
) -> diesel::deserialize::Result<Self> {
let Some(SqliteType::Long) = bytes.value_type() else {
return Err("Expected Integer for KeyType".into());
};
match bytes.read_long() {
1 => Ok(KeyType::Ed25519),
2 => Ok(KeyType::EcdsaSecp256k1),
3 => Ok(KeyType::Rsa),
other => Err(format!("Unknown KeyType discriminant: {other}").into()),
}
}
}
}
pub use types::*;
@@ -171,6 +206,7 @@ pub struct UseragentClient {
pub public_key: Vec<u8>,
pub created_at: SqliteTimestamp,
pub updated_at: SqliteTimestamp,
pub key_type: KeyType,
}
#[derive(Models, Queryable, Debug, Insertable, Selectable)]