From 648d073e1b8f4838f147c0520024bd453921a25c Mon Sep 17 00:00:00 2001
From: Joris Guyonvarch
Date: Fri, 17 Apr 2026 22:53:02 +0200
Subject: Remove signing login token

It’s enough to use a safe crypto lib. But augment the token size to
upper bound.
---
 src/crypto/mod.rs    |  1 -
 src/crypto/signed.rs | 71 ----------------------------------------------------
 2 files changed, 72 deletions(-)
 delete mode 100644 src/crypto/mod.rs
 delete mode 100644 src/crypto/signed.rs

(limited to 'src/crypto')

diff --git a/src/crypto/mod.rs b/src/crypto/mod.rs
deleted file mode 100644
index 41e9259..0000000
--- a/src/crypto/mod.rs
+++ /dev/null
@@ -1 +0,0 @@
-pub mod signed;
diff --git a/src/crypto/signed.rs b/src/crypto/signed.rs
deleted file mode 100644
index 436f3d1..0000000
--- a/src/crypto/signed.rs
+++ /dev/null
@@ -1,71 +0,0 @@
-use hex;
-use hmac::{Hmac, Mac};
-use sha2::Sha256;
-use std::str;
-use std::time::{SystemTime, UNIX_EPOCH};
-
-const SEP: &str = "-";
-
-pub fn sign(key: &str, raw: &str) -> Result<String, String> {
-    let nonce = get_nonce()?;
-    let joined = format!("{nonce}{SEP}{raw}");
-    let signature = get_signature(key, &joined)?;
-    Ok(format!("{signature}{SEP}{joined}"))
-}
-
-pub fn verify(key: &str, signed: &str) -> Result<String, String> {
-    let mut iter = signed.split(SEP);
-    match (iter.next(), iter.next()) {
-        (Some(signature), Some(nonce)) => {
-            let raw = iter.collect::<Vec<&str>>().join(SEP);
-            if signature == get_signature(key, &format!("{nonce}{SEP}{raw}"))? {
-                Ok(raw)
-            } else {
-                Err("Signature does not match".to_string())
-            }
-        }
-        _ => Err("Malformed signed".to_string()),
-    }
-}
-
-fn get_signature(key: &str, message: &str) -> Result<String, String> {
-    let mut mac = Hmac::<Sha256>::new_from_slice(key.as_bytes())
-        .map_err(|e| format!("Error initializing MAC: {e}"))?;
-    mac.update(message.as_bytes());
-    let result = mac.finalize();
-    Ok(hex::encode(result.into_bytes()))
-}
-
-fn get_nonce() -> Result<String, String> {
-    Ok(SystemTime::now()
-        .duration_since(UNIX_EPOCH)
-        .map_err(|e| format!("Failure getting unix expoch: {e}"))?
-        .as_millis()
-        .to_string())
-}
-
-#[cfg(test)]
-mod tests {
-    use super::*;
-
-    #[test]
-    fn sign_and_validate() {
-        let key = "xagrlBUobnTj32Rm8tvmsZ6mh8qLfip5".to_string();
-        assert_eq!(verify(&key, &sign(&key, "").unwrap()), Ok("".to_string()));
-        assert_eq!(
-            verify(&key, &sign(&key, "hello").unwrap()),
-            Ok("hello".to_string())
-        );
-        assert_eq!(
-            verify(&key, &sign(&key, "with-sep").unwrap()),
-            Ok("with-sep".to_string())
-        );
-    }
-
-    #[test]
-    fn fail_when_key_mismatch() {
-        let key1 = "xagrlBUobnTj32Rm8tvmsZ6mh8qLfip5".to_string();
-        let key2 = "8KJBK6axEr9wQ390GgdWA8Pjn8FwILDa".to_string();
-        assert!(verify(&key1, &sign(&key2, "hello").unwrap()).is_err());
-    }
-}
-- 
cgit v1.2.3