Switch to RustCrypto for Hmac.

This commit is contained in:
Emmanuel Gil Peyrot 2019-01-17 23:40:46 +01:00
parent a661868099
commit 4a94ac3fe7
2 changed files with 16 additions and 10 deletions

View file

@ -22,6 +22,7 @@ scram = ["openssl"]
base64 = "0.10" base64 = "0.10"
sha-1 = "0.8" sha-1 = "0.8"
sha2 = "0.8" sha2 = "0.8"
hmac = "0.7"
[dependencies.openssl] [dependencies.openssl]
version = "0.10.7" version = "0.10.7"

View file

@ -1,11 +1,10 @@
use openssl::pkcs5::pbkdf2_hmac; use openssl::pkcs5::pbkdf2_hmac;
use openssl::hash::MessageDigest; use openssl::hash::MessageDigest;
use openssl::sign::Signer;
use openssl::pkey::PKey;
use openssl::rand::rand_bytes; use openssl::rand::rand_bytes;
use openssl::error::ErrorStack; use openssl::error::ErrorStack;
use sha1::{Sha1 as Sha1_hash, Digest}; use sha1::{Sha1 as Sha1_hash, Digest};
use sha2::Sha256 as Sha256_hash; use sha2::Sha256 as Sha256_hash;
use hmac::{Hmac, Mac};
use crate::common::Password; use crate::common::Password;
@ -54,10 +53,13 @@ impl ScramProvider for Sha1 { // TODO: look at all these unwraps
} }
fn hmac(data: &[u8], key: &[u8]) -> Vec<u8> { fn hmac(data: &[u8], key: &[u8]) -> Vec<u8> {
let pkey = PKey::hmac(key).unwrap(); type HmacSha1 = Hmac<Sha1_hash>;
let mut signer = Signer::new(MessageDigest::sha1(), &pkey).unwrap(); let mut mac = HmacSha1::new_varkey(key).unwrap();
signer.update(data).unwrap(); mac.input(data);
signer.sign_to_vec().unwrap() let result = mac.result();
let mut vec = Vec::with_capacity(Sha1_hash::output_size());
vec.extend_from_slice(result.code().as_slice());
vec
} }
fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, String> { fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, String> {
@ -101,10 +103,13 @@ impl ScramProvider for Sha256 { // TODO: look at all these unwraps
} }
fn hmac(data: &[u8], key: &[u8]) -> Vec<u8> { fn hmac(data: &[u8], key: &[u8]) -> Vec<u8> {
let pkey = PKey::hmac(key).unwrap(); type HmacSha256 = Hmac<Sha256_hash>;
let mut signer = Signer::new(MessageDigest::sha256(), &pkey).unwrap(); let mut mac = HmacSha256::new_varkey(key).unwrap();
signer.update(data).unwrap(); mac.input(data);
signer.sign_to_vec().unwrap() let result = mac.result();
let mut vec = Vec::with_capacity(Sha256_hash::output_size());
vec.extend_from_slice(result.code().as_slice());
vec
} }
fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, String> { fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, String> {