From f755eb02b4be1a2d97941f15c776d2391420ecad Mon Sep 17 00:00:00 2001
From: Martin Fischer <martin@push-f.com>
Date: Fri, 9 Apr 2021 14:23:14 +0200
Subject: make security module optional

---
 Cargo.toml             | 10 ++++---
 README.md              |  8 +++---
 src/lib.rs             |  7 +++--
 src/security.rs        |  4 ++-
 src/security/signed.rs | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++
 src/signed.rs          | 72 --------------------------------------------------
 6 files changed, 90 insertions(+), 83 deletions(-)
 create mode 100644 src/security/signed.rs
 delete mode 100644 src/signed.rs

diff --git a/Cargo.toml b/Cargo.toml
index cc9e454..e1442c9 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -14,18 +14,15 @@ keywords = ["web", "cookie", "hyper", "hmac"]
 [features]
 hyper_body = ["hyper", "async-trait"]
 hyper_body_json = ["serde_json", "hyper_body"]
+security = ["base64", "hmac", "rand", "sha2"]
 
 [dependencies]
 http = "0.2"
 cookie = { version = "0.15", features = ["percent-encode"] }
 serde = { version = "1.0", features = ["derive"] }
 serde_urlencoded = "0.7.0"
-base64 = "0.13"
-hmac = "0.10"
 httpdate = "0.3.2"
 mime = "0.3"
-rand = "0.8"
-sha2 = "0.9"
 time = "0.2"
 thiserror = "1.0"
 
@@ -33,6 +30,11 @@ hyper = { version = "0.14", optional = true }
 async-trait = { version = "0.1", optional = true }
 serde_json = { version = "1.0", optional = true }
 
+base64 = { version = "0.13", optional = true }
+hmac = { version = "0.10", optional = true }
+rand = { version = "0.8", optional = true }
+sha2 = { version = "0.9", optional = true }
+
 [package.metadata.docs.rs]
 all-features = true
 rustdoc-args = ["--cfg", "docsrs"]
\ No newline at end of file
diff --git a/README.md b/README.md
index f2a81fd..c36d39b 100644
--- a/README.md
+++ b/README.md
@@ -12,10 +12,10 @@ with [Serde](https://serde.rs/) you can enable the following feature flags:
   `into_form` method for parsing data submitted from HTML forms.
 - `hyper_body_json` additionaly provides an `into_json` method
 
-Furthermore Sputnik provides what's necessary to implement [signed & expiring
-cookies](#signed--expiring-cookies) with the expiry date encoded into the
-signed cookie value, providing a more lightweight alternative to JWT if you
-don't need interoperability.
+With the `security` feature Sputnik furthermore provides what's necessary to
+implement [signed & expiring cookies](#signed--expiring-cookies) with the
+expiry date encoded into the signed cookie value, providing a more
+lightweight alternative to JWT if you don't need interoperability.
 
 Sputnik does **not** handle routing because even complex routing can be quite
 easily implemented with nested `match` blocks. If you want a more high-level
diff --git a/src/lib.rs b/src/lib.rs
index 760acf1..034a21b 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -6,10 +6,13 @@
 pub use mime;
 pub use httpdate;
 
-pub mod security;
 pub mod request;
 pub mod response;
-mod signed;
+
+#[cfg(feature="security")]
+#[cfg_attr(docsrs, doc(cfg(feature = "security")))]
+pub mod security;
+
 #[cfg(feature="hyper_body")]
 #[cfg_attr(docsrs, doc(cfg(feature = "hyper_body")))]
 pub mod hyper_body;
diff --git a/src/security.rs b/src/security.rs
index a270ee9..abe114e 100644
--- a/src/security.rs
+++ b/src/security.rs
@@ -2,7 +2,9 @@
 
 use time::OffsetDateTime;
 
-pub use crate::signed::Key;
+pub use signed::Key;
+
+mod signed;
 
 /// Join a string and an expiry date together into a string.
 pub fn encode_expiring_claim(claim: &str, expiry_date: OffsetDateTime) -> String {
diff --git a/src/security/signed.rs b/src/security/signed.rs
new file mode 100644
index 0000000..4da6760
--- /dev/null
+++ b/src/security/signed.rs
@@ -0,0 +1,72 @@
+use hmac::{Hmac,NewMac,Mac};
+use sha2::Sha256;
+
+const SIGNED_KEY_LEN: usize = 32;
+const BASE64_DIGEST_LEN: usize = 44;
+
+/// A convenience wrapper around HMAC.
+///
+/// This code was adapted from the [`cookie`] crate which does not make the sign and verify functions public
+/// forcing the use of [`CookieJar`](cookie::CookieJar)s, which are akward to work with without a high-level framework.
+// Thanks to Sergio Benitez for writing the original code and releasing it under MIT!
+pub struct Key (pub [u8; SIGNED_KEY_LEN]);
+
+impl Key {
+    const fn zero() -> Self {
+        Key ( [0; SIGNED_KEY_LEN])
+    }
+
+    /// Attempts to generate signing/encryption keys from a secure, random
+    /// source. Keys are generated nondeterministically. If randomness cannot be
+    /// retrieved from the underlying operating system, returns `None`.
+    pub fn try_generate() -> Option<Key> {
+        use rand::RngCore;
+
+        let mut rng = rand::thread_rng();
+        let mut both_keys = [0; SIGNED_KEY_LEN];
+        rng.try_fill_bytes(&mut both_keys).ok()?;
+        Some(Key::from(&both_keys))
+    }
+
+    /// Creates a new Key from a 32 byte cryptographically random string.
+    pub fn from(key: &[u8]) -> Key {
+        if key.len() < SIGNED_KEY_LEN {
+            panic!("bad key length: expected >= 32 bytes, found {}", key.len());
+        }
+
+        let mut output = Key::zero();
+        output.0.copy_from_slice(&key[..SIGNED_KEY_LEN]);
+        output
+    }
+
+    /// Signs the value providing integrity and authenticity.
+    pub fn sign(&self, value: &str) -> String {
+        // Compute HMAC-SHA256 of the cookie's value.
+        let mut mac = Hmac::<Sha256>::new_varkey(&self.0).expect("good key");
+        mac.update(value.as_bytes());
+
+        // Cookie's new value is [MAC | original-value].
+        let mut new_value = base64::encode(&mac.finalize().into_bytes());
+        new_value.push_str(value);
+        new_value
+    }
+
+    /// Extracts the value from a string signed with [`Key::sign`].
+    /// Fails if the string is malformed or the signature doesn't match.
+    pub fn verify(&self, value: &str) -> Result<String, String> {
+        if value.len() < BASE64_DIGEST_LEN {
+            return Err("length of value is <= BASE64_DIGEST_LEN".to_string());
+        }
+
+        // Split [MAC | original-value] into its two parts.
+        let (digest_str, value) = value.split_at(BASE64_DIGEST_LEN);
+        let digest = base64::decode(digest_str).map_err(|_| "bad base64 digest")?;
+
+        // Perform the verification.
+        let mut mac = Hmac::<Sha256>::new_varkey(&self.0).expect("good key");
+        mac.update(value.as_bytes());
+        mac.verify(&digest)
+            .map(|_| value.to_string())
+            .map_err(|_| "value did not verify".to_string())
+    }
+}
\ No newline at end of file
diff --git a/src/signed.rs b/src/signed.rs
deleted file mode 100644
index 4da6760..0000000
--- a/src/signed.rs
+++ /dev/null
@@ -1,72 +0,0 @@
-use hmac::{Hmac,NewMac,Mac};
-use sha2::Sha256;
-
-const SIGNED_KEY_LEN: usize = 32;
-const BASE64_DIGEST_LEN: usize = 44;
-
-/// A convenience wrapper around HMAC.
-///
-/// This code was adapted from the [`cookie`] crate which does not make the sign and verify functions public
-/// forcing the use of [`CookieJar`](cookie::CookieJar)s, which are akward to work with without a high-level framework.
-// Thanks to Sergio Benitez for writing the original code and releasing it under MIT!
-pub struct Key (pub [u8; SIGNED_KEY_LEN]);
-
-impl Key {
-    const fn zero() -> Self {
-        Key ( [0; SIGNED_KEY_LEN])
-    }
-
-    /// Attempts to generate signing/encryption keys from a secure, random
-    /// source. Keys are generated nondeterministically. If randomness cannot be
-    /// retrieved from the underlying operating system, returns `None`.
-    pub fn try_generate() -> Option<Key> {
-        use rand::RngCore;
-
-        let mut rng = rand::thread_rng();
-        let mut both_keys = [0; SIGNED_KEY_LEN];
-        rng.try_fill_bytes(&mut both_keys).ok()?;
-        Some(Key::from(&both_keys))
-    }
-
-    /// Creates a new Key from a 32 byte cryptographically random string.
-    pub fn from(key: &[u8]) -> Key {
-        if key.len() < SIGNED_KEY_LEN {
-            panic!("bad key length: expected >= 32 bytes, found {}", key.len());
-        }
-
-        let mut output = Key::zero();
-        output.0.copy_from_slice(&key[..SIGNED_KEY_LEN]);
-        output
-    }
-
-    /// Signs the value providing integrity and authenticity.
-    pub fn sign(&self, value: &str) -> String {
-        // Compute HMAC-SHA256 of the cookie's value.
-        let mut mac = Hmac::<Sha256>::new_varkey(&self.0).expect("good key");
-        mac.update(value.as_bytes());
-
-        // Cookie's new value is [MAC | original-value].
-        let mut new_value = base64::encode(&mac.finalize().into_bytes());
-        new_value.push_str(value);
-        new_value
-    }
-
-    /// Extracts the value from a string signed with [`Key::sign`].
-    /// Fails if the string is malformed or the signature doesn't match.
-    pub fn verify(&self, value: &str) -> Result<String, String> {
-        if value.len() < BASE64_DIGEST_LEN {
-            return Err("length of value is <= BASE64_DIGEST_LEN".to_string());
-        }
-
-        // Split [MAC | original-value] into its two parts.
-        let (digest_str, value) = value.split_at(BASE64_DIGEST_LEN);
-        let digest = base64::decode(digest_str).map_err(|_| "bad base64 digest")?;
-
-        // Perform the verification.
-        let mut mac = Hmac::<Sha256>::new_varkey(&self.0).expect("good key");
-        mac.update(value.as_bytes());
-        mac.verify(&digest)
-            .map(|_| value.to_string())
-            .map_err(|_| "value did not verify".to_string())
-    }
-}
\ No newline at end of file
-- 
cgit v1.2.3