invertase · kosukesaigusa · Feb 9, 2024 · Feb 9, 2024 · Feb 9, 2024 · rrousselGit
diff --git a/packages/dart_firebase_admin/lib/src/utils/crypto_signer.dart b/packages/dart_firebase_admin/lib/src/utils/crypto_signer.dart
@@ -1,10 +1,10 @@
 import 'dart:convert';
 import 'dart:typed_data';
 
-import 'package:crypto/crypto.dart';
 import 'package:googleapis_auth/googleapis_auth.dart' as auth;
 import 'package:http/http.dart' as http;
 import 'package:meta/meta.dart';
+import 'package:pointycastle/pointycastle.dart';
 
 import '../../dart_firebase_admin.dart';
 
@@ -107,11 +107,33 @@ class _ServiceAccountSigner implements CryptoSigner {
 
   @override
   Future<Uint8List> sign(Uint8List buffer) async {
-    final key = utf8.encode(credential.privateKey);
-    final hmac = Hmac(sha256, key);
-    final digest = hmac.convert(buffer);
+    final rsaPrivateKey = _parsePrivateKeyFromPem();
+    final signer = Signer('SHA-256/RSA')
+      ..init(true, PrivateKeyParameter<RSAPrivateKey>(rsaPrivateKey));
+    final signature = signer.generateSignature(buffer) as RSASignature;
+    return signature.bytes;
+  }
+
+  RSAPrivateKey _parsePrivateKeyFromPem() {
+    final privateKeyString = credential.privateKey
+        .replaceAll('-----BEGIN PRIVATE KEY-----', '')
+        .replaceAll('-----END PRIVATE KEY-----', '')
+        .replaceAll('\n', '');
+    final privateKeyDER = base64Decode(privateKeyString);
+
+    final asn1Parser = ASN1Parser(Uint8List.fromList(privateKeyDER));
+    final topLevelSequence = asn1Parser.nextObject() as ASN1Sequence;
+    final privateKeyOctet = topLevelSequence.elements![2] as ASN1OctetString;
+
+    final privateKeyParser = ASN1Parser(privateKeyOctet.valueBytes);
+    final privatekeySequence = privateKeyParser.nextObject() as ASN1Sequence;
+
+    final modulus = (privatekeySequence.elements![1] as ASN1Integer).integer!;
+    final exponent = (privatekeySequence.elements![3] as ASN1Integer).integer!;
+    final p = (privatekeySequence.elements![4] as ASN1Integer).integer;
+    final q = (privatekeySequence.elements![5] as ASN1Integer).integer;
 
-    return Uint8List.fromList(digest.bytes);
+    return RSAPrivateKey(modulus, exponent, p, q);
   }
 }
 

diff --git a/packages/dart_firebase_admin/pubspec.yaml b/packages/dart_firebase_admin/pubspec.yaml
@@ -9,14 +9,14 @@ environment:
 
 dependencies:
   collection: ^1.18.0
-  crypto: ^3.0.3
   dart_jsonwebtoken: ^2.11.0
   firebaseapis: ^0.2.0
   freezed_annotation: ^2.4.1
   googleapis_auth: ^1.3.0
   http: ^1.0.0
   intl: ^0.19.0
   meta: ^1.9.1
+  pointycastle: ^3.7.4
 
 dev_dependencies:
   build_runner: ^2.4.7