Improve RSA key file generation and reads

[zacknewman]

Currently main::check_rsa_keys, auth::PRIVATE_RSA_KEY, and auth::PUBLIC_RSA_KEY rely on a lot of separate I/O calls and a few avoidable assumptions which leads to TOCTOU race conditions and a loss in data integrity (e.g., when the public key file exists, there is no validation done to ensure it matches what it should be based on the private key). The change I propose avoids all of those issues. Additionally, integrating the change is highly localized since there is so little code that relies on the RSA key data.

Public keys can be generated from private keys which allows us to avoid the public key file altogether. By always generating the public key from the private key data, we don't have to worry about an invalid public key file. The job is then to read or create/write the private key file using only a single operation avoiding TOCTOU race conditions. The below code relies on std::sync::OnceLock, but it would be trivial to adjust it to use once_cell::sync::Lazy.

Snippet of auth.rs (edited to add a check that ensures an existing RSA key is 2048-bits):

static RSA_KEYS: OnceLock<(EncodingKey, DecodingKey)> = OnceLock::new();
#[allow(clippy::verbose_file_reads)]
pub fn init_rsa_keys() -> Result<(), Error> {
    let mut priv_file = File::options()
        .create(true)
        .read(true)
        .write(true)
        .open(CONFIG.private_rsa_key())?;
    let mut priv_pem = Vec::with_capacity(2048);
    let priv_key = if priv_file.read_to_end(&mut priv_pem)? == 0 {
        let rsa_key = openssl::rsa::Rsa::generate(2048)?;
        priv_pem = rsa_key.private_key_to_pem()?;
        priv_file.write_all(priv_pem.as_slice())?;
        rsa_key
    } else {
        let rsa_key = Rsa::private_key_from_pem(priv_pem.as_slice())?;
        if rsa_key.size() == 2048 {
            rsa_key
        } else {
            panic!("{} is not a 2048-bit key", CONFIG.private_rsa_key())
        }
    };
    assert!(
        RSA_KEYS
            .set((
                EncodingKey::from_rsa_pem(priv_pem.as_slice())?,
                DecodingKey::from_rsa_pem(priv_key.public_key_to_pem()?.as_slice())?
            ))
            .is_ok(),
        "RSA_KEYS must only be initialized once"
    );
    Ok(())
}
fn get_private_rsa_key() -> &'static EncodingKey {
    &RSA_KEYS
        .get()
        .expect("RSA_KEYS must be initialized in main")
        .0
}
fn get_public_rsa_key() -> &'static DecodingKey {
    &RSA_KEYS
        .get()
        .expect("RSA_KEYS must be initialized in main")
        .1
}

snippet of main.rs:

#[rocket::main]
async fn main() -> Result<(), Error> {
    parse_args();
    launch_info();

    use log::LevelFilter as LF;
    let level = LF::from_str(&CONFIG.log_level()).expect("Valid log level");
    init_logging(level).ok();

    let extra_debug = matches!(level, LF::Trace | LF::Debug);

    check_data_folder().await;
    auth::init_rsa_keys().unwrap_or_else(|_| {
        error!("Error creating keys, exiting...");
        exit(1);
    });