From 53777128824cb3bf3d11d365e7d32bc57d63a04c Mon Sep 17 00:00:00 2001 From: silentsilas Date: Wed, 18 Dec 2024 19:42:23 -0500 Subject: [PATCH 1/2] update dependencies and erlang/elixir in tool versions, fix warnings in config files, use relative path for reading key --- .gitignore | 5 ++- .tool-versions | 4 +- config/config.exs | 4 +- config/dev.exs | 2 +- config/prod.exs | 2 +- config/test.exs | 56 +-------------------------- lib/cloudfront_signer/distribution.ex | 7 ++-- mix.exs | 10 ++--- mix.lock | 38 +++++++++--------- 9 files changed, 41 insertions(+), 87 deletions(-) diff --git a/.gitignore b/.gitignore index f4f2b65..5f16d0d 100644 --- a/.gitignore +++ b/.gitignore @@ -22,4 +22,7 @@ erl_crash.dump # Ignore package tarball (built via "mix hex.build"). cloudfront_signer-*.tar -.elixir_ls/ \ No newline at end of file +.elixir_ls/ + +private_key.pem +.envrc \ No newline at end of file diff --git a/.tool-versions b/.tool-versions index 08f9f74..8c4dd92 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,2 +1,2 @@ -erlang 20.1.7 -elixir 1.6.3 \ No newline at end of file +erlang 27.1.2 +elixir 1.17.3 diff --git a/config/config.exs b/config/config.exs index d88c269..871a3d1 100644 --- a/config/config.exs +++ b/config/config.exs @@ -1,3 +1,3 @@ -use Mix.Config +import Config -import_config "#{Mix.env}.exs" \ No newline at end of file +import_config "#{Mix.env()}.exs" diff --git a/config/dev.exs b/config/dev.exs index a7d258e..becde76 100644 --- a/config/dev.exs +++ b/config/dev.exs @@ -1 +1 @@ -use Mix.Config \ No newline at end of file +import Config diff --git a/config/prod.exs b/config/prod.exs index a7d258e..becde76 100644 --- a/config/prod.exs +++ b/config/prod.exs @@ -1 +1 @@ -use Mix.Config \ No newline at end of file +import Config diff --git a/config/test.exs b/config/test.exs index e6c93cc..4a155cc 100644 --- a/config/test.exs +++ b/config/test.exs @@ -1,58 +1,6 @@ -use Mix.Config +import Config config :cloudfront_signer, CloudfrontSignerTest, domain: "https://somewhere.cloudfront.com", key_pair_id: "a_key_pair", - private_key: """ ------BEGIN RSA PRIVATE KEY----- -MIIJKAIBAAKCAgEAr9Z3VheAjXWGY+90nTvHByk3h++4NqfytudZ7QRDM95UA1Qo -hygCqNYBqxTC07aTP9RZDdpw2HWt+DneFR2Eq5Cd9i8+TEv/FZ+sJX2B3ZLQYiUa -ZTOFM5PEgCMnSr9kUo5+r0bwBohO1yR801J1t9SPh9/vTVfWrDbH5hqnja5qGEy3 -ytN4ARuZGWuaPNlAeNbHu7WzHdyvT4B8V0CLHCe3xaMrOCI8kG5m/e6wQLk+gwEs -mxN5ETtQxefkY85j2368zP1LLvjGhml5m9JAJjekhyQ2S5lcLLmv6K8IyNdJPYUS -bVR6xXNhZ9AGZN1ktXPdgL2wAlFL2keRtptZuWv6cE1M8261sGVI7BMSlExlPOeb -at41yoclDZLQqKTrDPIVR0aECW4Fxt/ah+WHQKlVEXqb6MDTyFEuHH+yqYkK56fp -gVkzmmDYAcXfVJmCaoWjaa4zwu2F2Jg9/NLTNsyVXhDZdDbol69fhxT0ddAwtrvm -4Yor9+ODOh3rZd4TdFkpTcM7HRa+WCgfYjy/crHXyNlwrVSsYjgIMDWRrmmDYDEf -ne7T9cUugviR0HKCi0T+D+VTydqBtvMRlNKKW28+bVMAuZWePl0CILhGMayRamVN -nflx6/bGOa4tjdSUzKgf65NmvwoTVoQXLjivFKBXFlSFxZqlB7Cd0lslKu8CAwEA -AQKCAgBik8SBUlmydHGsMwFYaLvSquvD3MOUeKFcouTKOLqIKJtG5nZ2FxsulhOH -WvNCh7eTcDOgzZa383ldkOuNQOgw2rmD28Z8NZrC/6odtngIxRbn/s8Gb1S8rpna -EFslz5ipo9Mn5ogH0YEJoh4MxszSC2uQDB33aUgjce6tdMH8bwxxpQjgv58mV9eD -5cwpUs6PMDH3bQ0Gr8Lkui57J+cVGLsxJKHFLYRwoERDFf5furpt7UmZgtg7rdpB -qRhkT7+xvSKRdWsh4TxC/Hy9u6hVBJrLXKTHyyletZcFxqMRHYik4aaL/nF5oo64 -CWqcP3YHN/a1ByLWmccBj2AEVKF+oQsGzGaO719Q85TcyJ6oZTBvjOO8C19aTCGW -kV0Cj69jShbWchNtvRZSXjN8pEwTNDml9ptYAjK9/OYODZIpHcJjbuJbN4afbMTQ -jiKmMr7+thDKqVMSzFL6OAmUb4rfZEru6UI9t335HNEKxBf3mPk0UtRmavAFlE6S -sXDdN8Epf0NSZ8qDkJqmQ2dvSMRer5OsQulW3z6NI6M+SGBCgBn2Iv2DTuf66kbj -uCXEuyAYbiXh47Qk0/oU76SxKHdLEeGOZu5fENacUGy/AAktoeEv/jQSeDxtV1uH -1BP6ZhP7WUlRXiV5w0xXruBWZn502GLGDJBH92PNoD8PCkfGSQKCAQEA3X5DOBbh -0K7Sqhvh3VGdB99ZrLogYkB6vzc/HqAHqBq0tVUr0wvzoXngnsQL70JRs7o9qnWW -x0Omt8BooSFknVmzHxUXAwGkP1xMOifhC07bPLkw+vx6gm/p88qQYPPzJ67PC2iA -FYCqmcvuDDVxCZHnv87RDSlhggj7TGucbYQlCI1WIodXNbI6V2fhAu92Wi4mQ2On -chy19RdqEojreaoTwPDKtSImnF1pYQcKyNrzTbNzxhxg1XFmdNBaTmvunsbpADVC -jBYjalyCFM9Kb03N6BwqcDjLfqdWbngvsXBJchxPE0rvGdl0XjAuk+wu7j6onWDn -6t3LthEPbsKtEwKCAQEAyztXw5NCZgonEuS9lTjWhUSaJovcS98WRfKKJJgOzO6l -uMDpaOEKce5kPYybzkwu7X0L0U+nvk31MJQRK17v0V1gJLSZpe12YBtw9o7K5lPS -63e68kLwYPTKQcos0KM3lPhfp05/oe1d/YCJfsmnTDaayFU7aC48hergzZ1BcKB4 -MP258SUSd5b9j7z7ywkW+vR56WFav1fzF/73vEx9AbJjqzj9J24j5hMa3eYAP3C7 -rHhdzkeM+ORM1IDkzi6pu002zCcVTMk8+lFl8aXP5arjJxQ5X+Jx2K4Jovi4mTNY -AmnoDEIGEmw9MYDfB2zCoN3yGWZtom4FFHU6wiQSNQKCAQEAkdGwW1rlK8gMtSVK -G7TBVw96MDcRXt3ocb7jdTwSDmAWnFMIWRdDPAnLEXssCEZ3F4YDVxe3PlSRi+PG -fl5HqTgGru3pincoNPaE0Ly0cgdmWqHpVzOlS/513aR8TPgOGxABCxevS3i72Cjj -/XGpi41dL2/vPWUC5uMW3obyIz+eSfUSwgSsK5O8yRKAlrgkCNbdJfyTnpK8UDEs -CivOKvkHrDxal8l19fehitliBj3vdDYygDjqn1rbAwiwi3SPUkTN3O8zcpqYkkt4 -8E5QSNrGNotkfSFHB4kPZAcIDx9HmzJ79M2egDwjWmcKIySY+QyTYZkM1hlTJfgx -WtAbtQKCAQBoL2Ldmxd18gx37hWWcw3eQf34dsiXiKUFdMIG4oDr5AfG//ZoUr2l -DH4M45FYH8wK6YjuY7Rtpc9lePKYVlIA9ap9Bqyh2GtP96FgdHFlxGEjXzzSRyit -u7AYLAnvZ0zuLKn0vhRGMcZ2V7ek7MG8G14cBz2uOc3DJVbbcZuDnnAfRWNWURf3 -gMs6LbqzKlTCkCQTVVpNL0wq6AWeXWPUQ9w+gbedyCPVJcQnL2q/Gw7K6uXEAwAs -8/TDF9S0Mk3G/F10KTENLTj6ZlIpoEREy+cpOH/1PMP6PbYo+vK/bwfWLO7Noec0 -+JIiV5t+Ve4sw7sB9HWNyHMIOtTFg/JlAoIBAAc6uQW5KcQHEMMHWmCF43CyKGRu -zC0nI6AxN0aR/Ei+zbnL3RDIYggQ7Rsc+0EM0cnNu03n/e1qFsh+Cv1CB/LK83Jm -6xFpSQPep4mMlkhVBqaiSq088SOtVnlUW+sls0Ob2yFnbIDOWsW18l5+rnOvDdB1 -/DaKHhPSXpXp4DyKsncdB9YO3k+wTh7xHmMIuUwSpDKe/gkrDcWGAFdmNBgzhq5x -tnVCKBn116sXaWbkXRtkje0pgW4VAhC4MFBzO7pJ1MkHY3xUXfN+RtY70mO7aQjQ -UlHfrGLB21LaRnfqZGHOtgd8Ads6E3dvtdhNQs37tLLPQqx2pOrUiykem4c= ------END RSA PRIVATE KEY----- -""" \ No newline at end of file + private_key: {:file, "/private_key.pem"} diff --git a/lib/cloudfront_signer/distribution.ex b/lib/cloudfront_signer/distribution.ex index 5c724a5..bd2c900 100644 --- a/lib/cloudfront_signer/distribution.ex +++ b/lib/cloudfront_signer/distribution.ex @@ -6,7 +6,7 @@ defmodule CloudfrontSigner.Distribution do defstruct [:private_key, :domain, :key_pair_id] @type t :: %__MODULE__{} - + @doc """ Creates a `Distribution.t` record from the contents of `Application.get_env(app, scope)` """ @@ -28,7 +28,7 @@ defmodule CloudfrontSigner.Distribution do defp parse_config(_), do: nil defp read_value({:system, env_var}), do: System.get_env(env_var) - defp read_value({:file, file_path}), do: File.read!(file_path) + defp read_value({:file, file_path}), do: File.read!(Path.join(File.cwd!(), file_path)) defp read_value(value) when is_binary(value), do: value defp decode_pk(%__MODULE__{private_key: pk} = dist) when is_binary(pk) do @@ -39,5 +39,6 @@ defmodule CloudfrontSigner.Distribution do _ -> raise ArgumentError, "Invalid PEM for cloudfront private key" end end + defp decode_pk(dist), do: dist -end \ No newline at end of file +end diff --git a/mix.exs b/mix.exs index 8b87b81..4cdae8f 100644 --- a/mix.exs +++ b/mix.exs @@ -5,7 +5,7 @@ defmodule CloudfrontSigner.MixProject do [ app: :cloudfront_signer, version: "0.1.0", - elixir: "~> 1.6", + elixir: "~> 1.17", start_permanent: Mix.env() == :prod, package: package(), description: description(), @@ -22,9 +22,9 @@ defmodule CloudfrontSigner.MixProject do defp deps do [ - {:poison, "~> 3.1"}, - {:timex, "~> 3.1"}, - {:ex_doc, "~> 0.14", only: :dev} + {:poison, "~> 6.0"}, + {:timex, "~> 3.7"}, + {:ex_doc, "~> 0.35", only: :dev} ] end @@ -37,7 +37,7 @@ defmodule CloudfrontSigner.MixProject do # These are the default files included in the package files: ~w(lib config .formatter.exs mix.exs README* LICENSE*), licenses: ["MIT"], - links: %{"GitHub" => "https://github.com/Poeticode/cloudfront-signer"} + links: %{"GitHub" => "https://github.com/silentsilas/cloudfront-signer"} ] end end diff --git a/mix.lock b/mix.lock index 08aaf47..54bd75b 100644 --- a/mix.lock +++ b/mix.lock @@ -1,20 +1,22 @@ %{ - "certifi": {:hex, :certifi, "2.3.1", "d0f424232390bf47d82da8478022301c561cf6445b5b5fb6a84d49a9e76d2639", [:rebar3], [{:parse_trans, "3.2.0", [hex: :parse_trans, repo: "hexpm", optional: false]}], "hexpm"}, - "combine": {:hex, :combine, "0.10.0", "eff8224eeb56498a2af13011d142c5e7997a80c8f5b97c499f84c841032e429f", [:mix], [], "hexpm"}, - "earmark": {:hex, :earmark, "1.3.1", "73812f447f7a42358d3ba79283cfa3075a7580a3a2ed457616d6517ac3738cb9", [:mix], [], "hexpm"}, - "ex_doc": {:hex, :ex_doc, "0.19.3", "3c7b0f02851f5fc13b040e8e925051452e41248f685e40250d7e40b07b9f8c10", [:mix], [{:earmark, "~> 1.2", [hex: :earmark, repo: "hexpm", optional: false]}, {:makeup_elixir, "~> 0.10", [hex: :makeup_elixir, repo: "hexpm", optional: false]}], "hexpm"}, - "gettext": {:hex, :gettext, "0.15.0", "40a2b8ce33a80ced7727e36768499fc9286881c43ebafccae6bab731e2b2b8ce", [:mix], [], "hexpm"}, - "hackney": {:hex, :hackney, "1.12.1", "8bf2d0e11e722e533903fe126e14d6e7e94d9b7983ced595b75f532e04b7fdc7", [:rebar3], [{:certifi, "2.3.1", [hex: :certifi, repo: "hexpm", optional: false]}, {:idna, "5.1.1", [hex: :idna, repo: "hexpm", optional: false]}, {:metrics, "1.0.1", [hex: :metrics, repo: "hexpm", optional: false]}, {:mimerl, "1.0.2", [hex: :mimerl, repo: "hexpm", optional: false]}, {:ssl_verify_fun, "1.1.1", [hex: :ssl_verify_fun, repo: "hexpm", optional: false]}], "hexpm"}, - "idna": {:hex, :idna, "5.1.1", "cbc3b2fa1645113267cc59c760bafa64b2ea0334635ef06dbac8801e42f7279c", [:rebar3], [{:unicode_util_compat, "0.3.1", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm"}, - "makeup": {:hex, :makeup, "0.8.0", "9cf32aea71c7fe0a4b2e9246c2c4978f9070257e5c9ce6d4a28ec450a839b55f", [:mix], [{:nimble_parsec, "~> 0.5.0", [hex: :nimble_parsec, repo: "hexpm", optional: false]}], "hexpm"}, - "makeup_elixir": {:hex, :makeup_elixir, "0.13.0", "be7a477997dcac2e48a9d695ec730b2d22418292675c75aa2d34ba0909dcdeda", [:mix], [{:makeup, "~> 0.8", [hex: :makeup, repo: "hexpm", optional: false]}], "hexpm"}, - "metrics": {:hex, :metrics, "1.0.1", "25f094dea2cda98213cecc3aeff09e940299d950904393b2a29d191c346a8486", [:rebar3], [], "hexpm"}, - "mimerl": {:hex, :mimerl, "1.0.2", "993f9b0e084083405ed8252b99460c4f0563e41729ab42d9074fd5e52439be88", [:rebar3], [], "hexpm"}, - "nimble_parsec": {:hex, :nimble_parsec, "0.5.0", "90e2eca3d0266e5c53f8fbe0079694740b9c91b6747f2b7e3c5d21966bba8300", [:mix], [], "hexpm"}, - "parse_trans": {:hex, :parse_trans, "3.2.0", "2adfa4daf80c14dc36f522cf190eb5c4ee3e28008fc6394397c16f62a26258c2", [:rebar3], [], "hexpm"}, - "poison": {:hex, :poison, "3.1.0", "d9eb636610e096f86f25d9a46f35a9facac35609a7591b3be3326e99a0484665", [:mix], [], "hexpm"}, - "ssl_verify_fun": {:hex, :ssl_verify_fun, "1.1.1", "28a4d65b7f59893bc2c7de786dec1e1555bd742d336043fe644ae956c3497fbe", [:make, :rebar], [], "hexpm"}, - "timex": {:hex, :timex, "3.3.0", "e0695aa0ddb37d460d93a2db34d332c2c95a40c27edf22fbfea22eb8910a9c8d", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.10", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 0.1.8 or ~> 0.5", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm"}, - "tzdata": {:hex, :tzdata, "0.5.16", "13424d3afc76c68ff607f2df966c0ab4f3258859bbe3c979c9ed1606135e7352", [:mix], [{:hackney, "~> 1.0", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm"}, - "unicode_util_compat": {:hex, :unicode_util_compat, "0.3.1", "a1f612a7b512638634a603c8f401892afbf99b8ce93a45041f8aaca99cadb85e", [:rebar3], [], "hexpm"}, + "certifi": {:hex, :certifi, "2.12.0", "2d1cca2ec95f59643862af91f001478c9863c2ac9cb6e2f89780bfd8de987329", [:rebar3], [], "hexpm", "ee68d85df22e554040cdb4be100f33873ac6051387baf6a8f6ce82272340ff1c"}, + "combine": {:hex, :combine, "0.10.0", "eff8224eeb56498a2af13011d142c5e7997a80c8f5b97c499f84c841032e429f", [:mix], [], "hexpm", "1b1dbc1790073076580d0d1d64e42eae2366583e7aecd455d1215b0d16f2451b"}, + "earmark_parser": {:hex, :earmark_parser, "1.4.41", "ab34711c9dc6212dda44fcd20ecb87ac3f3fce6f0ca2f28d4a00e4154f8cd599", [:mix], [], "hexpm", "a81a04c7e34b6617c2792e291b5a2e57ab316365c2644ddc553bb9ed863ebefa"}, + "ex_doc": {:hex, :ex_doc, "0.35.1", "de804c590d3df2d9d5b8aec77d758b00c814b356119b3d4455e4b8a8687aecaf", [:mix], [{:earmark_parser, "~> 1.4.39", [hex: :earmark_parser, repo: "hexpm", optional: false]}, {:makeup_c, ">= 0.1.0", [hex: :makeup_c, repo: "hexpm", optional: true]}, {:makeup_elixir, "~> 0.14 or ~> 1.0", [hex: :makeup_elixir, repo: "hexpm", optional: false]}, {:makeup_erlang, "~> 0.1 or ~> 1.0", [hex: :makeup_erlang, repo: "hexpm", optional: false]}, {:makeup_html, ">= 0.1.0", [hex: :makeup_html, repo: "hexpm", optional: true]}], "hexpm", "2121c6402c8d44b05622677b761371a759143b958c6c19f6558ff64d0aed40df"}, + "expo": {:hex, :expo, "1.1.0", "f7b9ed7fb5745ebe1eeedf3d6f29226c5dd52897ac67c0f8af62a07e661e5c75", [:mix], [], "hexpm", "fbadf93f4700fb44c331362177bdca9eeb8097e8b0ef525c9cc501cb9917c960"}, + "gettext": {:hex, :gettext, "0.26.2", "5978aa7b21fada6deabf1f6341ddba50bc69c999e812211903b169799208f2a8", [:mix], [{:expo, "~> 0.5.1 or ~> 1.0", [hex: :expo, repo: "hexpm", optional: false]}], "hexpm", "aa978504bcf76511efdc22d580ba08e2279caab1066b76bb9aa81c4a1e0a32a5"}, + "hackney": {:hex, :hackney, "1.20.1", "8d97aec62ddddd757d128bfd1df6c5861093419f8f7a4223823537bad5d064e2", [:rebar3], [{:certifi, "~> 2.12.0", [hex: :certifi, repo: "hexpm", optional: false]}, {:idna, "~> 6.1.0", [hex: :idna, repo: "hexpm", optional: false]}, {:metrics, "~> 1.0.0", [hex: :metrics, repo: "hexpm", optional: false]}, {:mimerl, "~> 1.1", [hex: :mimerl, repo: "hexpm", optional: false]}, {:parse_trans, "3.4.1", [hex: :parse_trans, repo: "hexpm", optional: false]}, {:ssl_verify_fun, "~> 1.1.0", [hex: :ssl_verify_fun, repo: "hexpm", optional: false]}, {:unicode_util_compat, "~> 0.7.0", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm", "fe9094e5f1a2a2c0a7d10918fee36bfec0ec2a979994cff8cfe8058cd9af38e3"}, + "idna": {:hex, :idna, "6.1.1", "8a63070e9f7d0c62eb9d9fcb360a7de382448200fbbd1b106cc96d3d8099df8d", [:rebar3], [{:unicode_util_compat, "~> 0.7.0", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm", "92376eb7894412ed19ac475e4a86f7b413c1b9fbb5bd16dccd57934157944cea"}, + "makeup": {:hex, :makeup, "1.2.1", "e90ac1c65589ef354378def3ba19d401e739ee7ee06fb47f94c687016e3713d1", [:mix], [{:nimble_parsec, "~> 1.4", [hex: :nimble_parsec, repo: "hexpm", optional: false]}], "hexpm", "d36484867b0bae0fea568d10131197a4c2e47056a6fbe84922bf6ba71c8d17ce"}, + "makeup_elixir": {:hex, :makeup_elixir, "1.0.1", "e928a4f984e795e41e3abd27bfc09f51db16ab8ba1aebdba2b3a575437efafc2", [:mix], [{:makeup, "~> 1.0", [hex: :makeup, repo: "hexpm", optional: false]}, {:nimble_parsec, "~> 1.2.3 or ~> 1.3", [hex: :nimble_parsec, repo: "hexpm", optional: false]}], "hexpm", "7284900d412a3e5cfd97fdaed4f5ed389b8f2b4cb49efc0eb3bd10e2febf9507"}, + "makeup_erlang": {:hex, :makeup_erlang, "1.0.1", "c7f58c120b2b5aa5fd80d540a89fdf866ed42f1f3994e4fe189abebeab610839", [:mix], [{:makeup, "~> 1.0", [hex: :makeup, repo: "hexpm", optional: false]}], "hexpm", "8a89a1eeccc2d798d6ea15496a6e4870b75e014d1af514b1b71fa33134f57814"}, + "metrics": {:hex, :metrics, "1.0.1", "25f094dea2cda98213cecc3aeff09e940299d950904393b2a29d191c346a8486", [:rebar3], [], "hexpm", "69b09adddc4f74a40716ae54d140f93beb0fb8978d8636eaded0c31b6f099f16"}, + "mimerl": {:hex, :mimerl, "1.3.0", "d0cd9fc04b9061f82490f6581e0128379830e78535e017f7780f37fea7545726", [:rebar3], [], "hexpm", "a1e15a50d1887217de95f0b9b0793e32853f7c258a5cd227650889b38839fe9d"}, + "nimble_parsec": {:hex, :nimble_parsec, "1.4.0", "51f9b613ea62cfa97b25ccc2c1b4216e81df970acd8e16e8d1bdc58fef21370d", [:mix], [], "hexpm", "9c565862810fb383e9838c1dd2d7d2c437b3d13b267414ba6af33e50d2d1cf28"}, + "parse_trans": {:hex, :parse_trans, "3.4.1", "6e6aa8167cb44cc8f39441d05193be6e6f4e7c2946cb2759f015f8c56b76e5ff", [:rebar3], [], "hexpm", "620a406ce75dada827b82e453c19cf06776be266f5a67cff34e1ef2cbb60e49a"}, + "poison": {:hex, :poison, "6.0.0", "9bbe86722355e36ffb62c51a552719534257ba53f3271dacd20fbbd6621a583a", [:mix], [{:decimal, "~> 2.1", [hex: :decimal, repo: "hexpm", optional: true]}], "hexpm", "bb9064632b94775a3964642d6a78281c07b7be1319e0016e1643790704e739a2"}, + "ssl_verify_fun": {:hex, :ssl_verify_fun, "1.1.7", "354c321cf377240c7b8716899e182ce4890c5938111a1296add3ec74cf1715df", [:make, :mix, :rebar3], [], "hexpm", "fe4c190e8f37401d30167c8c405eda19469f34577987c76dde613e838bbc67f8"}, + "timex": {:hex, :timex, "3.7.11", "bb95cb4eb1d06e27346325de506bcc6c30f9c6dea40d1ebe390b262fad1862d1", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.20", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 1.1", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm", "8b9024f7efbabaf9bd7aa04f65cf8dcd7c9818ca5737677c7b76acbc6a94d1aa"}, + "tzdata": {:hex, :tzdata, "1.1.2", "45e5f1fcf8729525ec27c65e163be5b3d247ab1702581a94674e008413eef50b", [:mix], [{:hackney, "~> 1.17", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm", "cec7b286e608371602318c414f344941d5eb0375e14cfdab605cca2fe66cba8b"}, + "unicode_util_compat": {:hex, :unicode_util_compat, "0.7.0", "bc84380c9ab48177092f43ac89e4dfa2c6d62b40b8bd132b1059ecc7232f9a78", [:rebar3], [], "hexpm", "25eee6d67df61960cf6a794239566599b09e17e668d3700247bc498638152521"}, } From 38b597aca6cd05eb8998c898050c4f3a75705954 Mon Sep 17 00:00:00 2001 From: silentsilas Date: Wed, 18 Dec 2024 19:47:07 -0500 Subject: [PATCH 2/2] formatting, remove deprecated worker/2 call, fix signing --- lib/cloudfront_signer/application.ex | 6 +++--- .../distribution_registry.ex | 21 ++++++++++++------- lib/cloudfront_signer/policy.ex | 4 ++-- lib/cloudfront_signer/signature.ex | 19 ++++++++++++++--- test/cloudfront_signer/signature_test.exs | 18 +++++++--------- 5 files changed, 41 insertions(+), 27 deletions(-) diff --git a/lib/cloudfront_signer/application.ex b/lib/cloudfront_signer/application.ex index fbc432d..23340a0 100644 --- a/lib/cloudfront_signer/application.ex +++ b/lib/cloudfront_signer/application.ex @@ -1,12 +1,12 @@ defmodule CloudfrontSigner.Application do use Application - import Supervisor.Spec def start(_type, _args) do children = [ - worker(CloudfrontSigner.DistributionRegistry, []) + CloudfrontSigner.DistributionRegistry ] + opts = [strategy: :one_for_one, name: CloudfrontSigner.Application.Supervisor] Supervisor.start_link(children, opts) end -end \ No newline at end of file +end diff --git a/lib/cloudfront_signer/distribution_registry.ex b/lib/cloudfront_signer/distribution_registry.ex index ba2a819..2cf7e21 100644 --- a/lib/cloudfront_signer/distribution_registry.ex +++ b/lib/cloudfront_signer/distribution_registry.ex @@ -5,16 +5,21 @@ defmodule CloudfrontSigner.DistributionRegistry do use Agent alias CloudfrontSigner.Distribution - def start_link() do + def start_link(_) do Agent.start_link(fn -> %{} end, name: __MODULE__) end def get_distribution(scope, key) do - Agent.get_and_update(__MODULE__, &Map.get_and_update(&1, {scope, key}, fn - nil -> - dist = Distribution.from_config(scope, key) - {dist, dist} - dist -> {dist, dist} - end)) + Agent.get_and_update( + __MODULE__, + &Map.get_and_update(&1, {scope, key}, fn + nil -> + dist = Distribution.from_config(scope, key) + {dist, dist} + + dist -> + {dist, dist} + end) + ) end -end \ No newline at end of file +end diff --git a/lib/cloudfront_signer/policy.ex b/lib/cloudfront_signer/policy.ex index 494a6b8..02faba8 100644 --- a/lib/cloudfront_signer/policy.ex +++ b/lib/cloudfront_signer/policy.ex @@ -19,7 +19,7 @@ defmodule CloudfrontSigner.Policy do %{ Statement: [ %{ - Resource: resource, + Resource: resource, Condition: %{ DateLessThan: %{ "AWS:EpochTime": expiry @@ -30,4 +30,4 @@ defmodule CloudfrontSigner.Policy do } end end -end \ No newline at end of file +end diff --git a/lib/cloudfront_signer/signature.ex b/lib/cloudfront_signer/signature.ex index d8a880f..5239e0d 100644 --- a/lib/cloudfront_signer/signature.ex +++ b/lib/cloudfront_signer/signature.ex @@ -7,19 +7,32 @@ defmodule CloudfrontSigner.Signature do @doc """ Converts a `Policy.t` struct to a cloudfront signature for the given private key """ - @spec signature(Policy.t, tuple) :: binary + @spec signature(Policy.t(), tuple) :: binary def signature(%Policy{} = policy, private_key) do to_string(policy) - |> :public_key.sign(:sha, private_key) + |> sign(private_key) |> Base.encode64() |> String.to_charlist() |> Enum.map(&replace/1) |> to_string() end + # Unsure why, but needed to prehash the policy before signing + # Instead of letting :public_key/sign directly handle hashing to get around a bug + defp sign( + policy, + private_key + ) do + :public_key.sign( + :crypto.hash(:sha, policy), + :none, + private_key + ) + end + @compile {:inline, replace: 1} defp replace(?+), do: ?- defp replace(?=), do: ?_ defp replace(?/), do: ?~ defp replace(c), do: c -end \ No newline at end of file +end diff --git a/test/cloudfront_signer/signature_test.exs b/test/cloudfront_signer/signature_test.exs index 5f1561d..ecebe87 100644 --- a/test/cloudfront_signer/signature_test.exs +++ b/test/cloudfront_signer/signature_test.exs @@ -2,17 +2,13 @@ defmodule CloudfrontSigner.SignatureTest do use ExUnit.Case, async: true @correct_signature """ -ToshDrR-FhIhiStqrp8kAEyQ3YGsz-P5Nh9~~lu0m5l4V-qg3K9Pp~pjYCIYR4yC -OmsN2D1JwBSNYh0hv3l0y7Z2-94hvxx----T6hewE9~kwklOgBfpIcik0AywRDmj -1mmMvhN~5xhEOcnIsErhWiZAm9EpfuHGieH850buSS3rFuNT0DF8Drxmigw7FQgK -XqwddmOaUDlGgjfTvW~n6RSvcRrKBb9Ej~Bjb7~wA8w0p8oKfSyCTGdHfEmNrTW8 -kkSi5VnIsHs1~PowwtBv2C2emPFASxKIN2j6Tf5U6Y8x4yMkweee1sr7c39No0Nk -qfabb52SQgIKgXIqIqYwsfsUYHafg9LBMpdVlJjOfIXjaLm1G9ePDQOca1ZMXuVE -LxEBY42IvHiOEeyg4fuw7tVH5DQP3vGT7FoT5NykPsZvxMusYDpfboo63SuKYxVe -rj4x6LlTdVVIrzSS-cmTSZ0y2h4Ok5MLzgW-2sD-e5vRro8H8xTwsfyp8V~wa0Em -ypd2C6WAqa19hvBqHpQx~OaClPh8KNKEZyw-kfJJAuDM~CAy4vX5J3V0XGDcgI-R -DZiZUiPXoTqRlssx-G66UMK0axZwtworvTQyJisMSbGjnRaEA9vgwKo5EEqYGaxc -HQTrKY0PC2Wcm0qUFL5QbqRqU1RL5K3DW5bPNSVdWJo_ +1c78nQoaTrZhgtyy8QtXb-L~HLVWTkwANZXlAX1eq29DuQknMjqk +ptxNb4v~-g9PGLgYDABWFD4rnjVFe2UjHnjQ0b~Z5v80WEQcxaJ8 +OIyrRXe5N6cexIVJZzgHqDYVzr-C81khBtn1wXTkcPr6PfZdtuBE +94Mp-E86VAM4Q9Oixdbt154l2piJogx~PJmU2mNV~Fbw-zQrzn~N +DL94YFOfNER5UulIvuILuNhJ3br36PWFmtlfAm~MjCI3aXEotULy +MjzTW5PhReNcprHNLBzunI4HdAKIkbvcOdxTH2hVzI66YcMLk1x1 +OuAPleMN8PtGU69lqFCb4kEBihLTzA__ """ |> String.replace(~r/\s+/, "") describe "#signature/2" do