Bump RustCrypto crates
This commit is contained in:
Emmanuel Gil Peyrot
parent
ec03a2f3e3
commit
59299e45a1
5 changed files with 25 additions and 25 deletions
|
|
@ -21,7 +21,7 @@ scram = ["base64", "getrandom", "sha-1", "sha2", "hmac", "pbkdf2"]
|
||||||
[dependencies]
|
[dependencies]
|
||||||
base64 = { version = "0.12", optional = true }
|
base64 = { version = "0.12", optional = true }
|
||||||
getrandom = { version = "0.1", optional = true }
|
getrandom = { version = "0.1", optional = true }
|
||||||
sha-1 = { version = "0.8", optional = true }
|
sha-1 = { version = "0.9", optional = true }
|
||||||
sha2 = { version = "0.8", optional = true }
|
sha2 = { version = "0.9", optional = true }
|
||||||
hmac = { version = "0.7", optional = true }
|
hmac = { version = "0.8", optional = true }
|
||||||
pbkdf2 = { version = "0.3", default-features = false, optional = true }
|
pbkdf2 = { version = "0.4", default-features = false, optional = true }
|
||||||
|
|
|
||||||
|
|
@ -80,7 +80,7 @@ impl Secret {
|
||||||
Secret::Password(Password::Plain(password.into()))
|
Secret::Password(Password::Plain(password.into()))
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn password_pbkdf2<S: Into<String>>(method: S, salt: Vec<u8>, iterations: usize, data: Vec<u8>) -> Secret {
|
pub fn password_pbkdf2<S: Into<String>>(method: S, salt: Vec<u8>, iterations: u32, data: Vec<u8>) -> Secret {
|
||||||
Secret::Password(Password::Pbkdf2 {
|
Secret::Password(Password::Pbkdf2 {
|
||||||
method: method.into(),
|
method: method.into(),
|
||||||
salt: salt,
|
salt: salt,
|
||||||
|
|
@ -99,7 +99,7 @@ pub enum Password {
|
||||||
Pbkdf2 {
|
Pbkdf2 {
|
||||||
method: String,
|
method: String,
|
||||||
salt: Vec<u8>,
|
salt: Vec<u8>,
|
||||||
iterations: usize,
|
iterations: u32,
|
||||||
data: Vec<u8>,
|
data: Vec<u8>,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,7 @@
|
||||||
use getrandom::{getrandom, Error as RngError};
|
use getrandom::{getrandom, Error as RngError};
|
||||||
use sha1::{Sha1 as Sha1_hash, Digest};
|
use sha1::{Sha1 as Sha1_hash, Digest};
|
||||||
use sha2::Sha256 as Sha256_hash;
|
use sha2::Sha256 as Sha256_hash;
|
||||||
use hmac::{Hmac, Mac, crypto_mac::InvalidKeyLength};
|
use hmac::{Hmac, Mac, NewMac, crypto_mac::InvalidKeyLength};
|
||||||
use pbkdf2::pbkdf2;
|
use pbkdf2::pbkdf2;
|
||||||
|
|
||||||
use crate::common::Password;
|
use crate::common::Password;
|
||||||
|
|
@ -21,7 +21,7 @@ pub fn generate_nonce() -> Result<String, RngError> {
|
||||||
pub enum DeriveError {
|
pub enum DeriveError {
|
||||||
IncompatibleHashingMethod(String, String),
|
IncompatibleHashingMethod(String, String),
|
||||||
IncorrectSalt,
|
IncorrectSalt,
|
||||||
IncompatibleIterationCount(usize, usize),
|
IncompatibleIterationCount(u32, u32),
|
||||||
}
|
}
|
||||||
|
|
||||||
impl std::fmt::Display for DeriveError {
|
impl std::fmt::Display for DeriveError {
|
||||||
|
|
@ -51,7 +51,7 @@ pub trait ScramProvider {
|
||||||
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength>;
|
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength>;
|
||||||
|
|
||||||
/// A function which does PBKDF2 key derivation using the hash function.
|
/// A function which does PBKDF2 key derivation using the hash function.
|
||||||
fn derive(data: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError>;
|
fn derive(data: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError>;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// A `ScramProvider` which provides SCRAM-SHA-1 and SCRAM-SHA-1-PLUS
|
/// A `ScramProvider` which provides SCRAM-SHA-1 and SCRAM-SHA-1-PLUS
|
||||||
|
|
@ -72,14 +72,14 @@ impl ScramProvider for Sha1 {
|
||||||
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
|
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
|
||||||
type HmacSha1 = Hmac<Sha1_hash>;
|
type HmacSha1 = Hmac<Sha1_hash>;
|
||||||
let mut mac = HmacSha1::new_varkey(key)?;
|
let mut mac = HmacSha1::new_varkey(key)?;
|
||||||
mac.input(data);
|
mac.update(data);
|
||||||
let result = mac.result();
|
let result = mac.finalize();
|
||||||
let mut vec = Vec::with_capacity(Sha1_hash::output_size());
|
let mut vec = Vec::with_capacity(Sha1_hash::output_size());
|
||||||
vec.extend_from_slice(result.code().as_slice());
|
vec.extend_from_slice(result.into_bytes().as_slice());
|
||||||
Ok(vec)
|
Ok(vec)
|
||||||
}
|
}
|
||||||
|
|
||||||
fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError> {
|
fn derive(password: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError> {
|
||||||
match *password {
|
match *password {
|
||||||
Password::Plain(ref plain) => {
|
Password::Plain(ref plain) => {
|
||||||
let mut result = vec![0; 20];
|
let mut result = vec![0; 20];
|
||||||
|
|
@ -122,14 +122,14 @@ impl ScramProvider for Sha256 {
|
||||||
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
|
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
|
||||||
type HmacSha256 = Hmac<Sha256_hash>;
|
type HmacSha256 = Hmac<Sha256_hash>;
|
||||||
let mut mac = HmacSha256::new_varkey(key)?;
|
let mut mac = HmacSha256::new_varkey(key)?;
|
||||||
mac.input(data);
|
mac.update(data);
|
||||||
let result = mac.result();
|
let result = mac.finalize();
|
||||||
let mut vec = Vec::with_capacity(Sha256_hash::output_size());
|
let mut vec = Vec::with_capacity(Sha256_hash::output_size());
|
||||||
vec.extend_from_slice(result.code().as_slice());
|
vec.extend_from_slice(result.into_bytes().as_slice());
|
||||||
Ok(vec)
|
Ok(vec)
|
||||||
}
|
}
|
||||||
|
|
||||||
fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError> {
|
fn derive(password: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError> {
|
||||||
match *password {
|
match *password {
|
||||||
Password::Plain(ref plain) => {
|
Password::Plain(ref plain) => {
|
||||||
let mut result = vec![0; 32];
|
let mut result = vec![0; 32];
|
||||||
|
|
|
||||||
|
|
@ -39,7 +39,7 @@
|
||||||
//! const USERNAME: &'static str = "user";
|
//! const USERNAME: &'static str = "user";
|
||||||
//! const PASSWORD: &'static str = "pencil";
|
//! const PASSWORD: &'static str = "pencil";
|
||||||
//! const SALT: [u8; 8] = [35, 71, 92, 105, 212, 219, 114, 93];
|
//! const SALT: [u8; 8] = [35, 71, 92, 105, 212, 219, 114, 93];
|
||||||
//! const ITERATIONS: usize = 4096;
|
//! const ITERATIONS: u32 = 4096;
|
||||||
//!
|
//!
|
||||||
//! struct MyValidator;
|
//! struct MyValidator;
|
||||||
//!
|
//!
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,7 @@ pub trait Secret {}
|
||||||
|
|
||||||
pub trait Pbkdf2Secret {
|
pub trait Pbkdf2Secret {
|
||||||
fn salt(&self) -> &[u8];
|
fn salt(&self) -> &[u8];
|
||||||
fn iterations(&self) -> usize;
|
fn iterations(&self) -> u32;
|
||||||
fn digest(&self) -> &[u8];
|
fn digest(&self) -> &[u8];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -17,13 +17,13 @@ impl Secret for Plain {}
|
||||||
#[derive(Clone, Debug, PartialEq, Eq)]
|
#[derive(Clone, Debug, PartialEq, Eq)]
|
||||||
pub struct Pbkdf2Sha1 {
|
pub struct Pbkdf2Sha1 {
|
||||||
pub salt: Vec<u8>,
|
pub salt: Vec<u8>,
|
||||||
pub iterations: usize,
|
pub iterations: u32,
|
||||||
pub digest: Vec<u8>,
|
pub digest: Vec<u8>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Pbkdf2Sha1 {
|
impl Pbkdf2Sha1 {
|
||||||
#[cfg(feature = "scram")]
|
#[cfg(feature = "scram")]
|
||||||
pub fn derive(password: &str, salt: &[u8], iterations: usize) -> Result<Pbkdf2Sha1, DeriveError> {
|
pub fn derive(password: &str, salt: &[u8], iterations: u32) -> Result<Pbkdf2Sha1, DeriveError> {
|
||||||
use crate::common::scram::{ScramProvider, Sha1};
|
use crate::common::scram::{ScramProvider, Sha1};
|
||||||
use crate::common::Password;
|
use crate::common::Password;
|
||||||
let digest = Sha1::derive(&Password::Plain(password.to_owned()), salt, iterations)?;
|
let digest = Sha1::derive(&Password::Plain(password.to_owned()), salt, iterations)?;
|
||||||
|
|
@ -39,20 +39,20 @@ impl Secret for Pbkdf2Sha1 {}
|
||||||
|
|
||||||
impl Pbkdf2Secret for Pbkdf2Sha1 {
|
impl Pbkdf2Secret for Pbkdf2Sha1 {
|
||||||
fn salt(&self) -> &[u8] { &self.salt }
|
fn salt(&self) -> &[u8] { &self.salt }
|
||||||
fn iterations(&self) -> usize { self.iterations }
|
fn iterations(&self) -> u32 { self.iterations }
|
||||||
fn digest(&self) -> &[u8] { &self.digest }
|
fn digest(&self) -> &[u8] { &self.digest }
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Clone, Debug, PartialEq, Eq)]
|
#[derive(Clone, Debug, PartialEq, Eq)]
|
||||||
pub struct Pbkdf2Sha256 {
|
pub struct Pbkdf2Sha256 {
|
||||||
pub salt: Vec<u8>,
|
pub salt: Vec<u8>,
|
||||||
pub iterations: usize,
|
pub iterations: u32,
|
||||||
pub digest: Vec<u8>,
|
pub digest: Vec<u8>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Pbkdf2Sha256 {
|
impl Pbkdf2Sha256 {
|
||||||
#[cfg(feature = "scram")]
|
#[cfg(feature = "scram")]
|
||||||
pub fn derive(password: &str, salt: &[u8], iterations: usize) -> Result<Pbkdf2Sha256, DeriveError> {
|
pub fn derive(password: &str, salt: &[u8], iterations: u32) -> Result<Pbkdf2Sha256, DeriveError> {
|
||||||
use crate::common::scram::{ScramProvider, Sha256};
|
use crate::common::scram::{ScramProvider, Sha256};
|
||||||
use crate::common::Password;
|
use crate::common::Password;
|
||||||
let digest = Sha256::derive(&Password::Plain(password.to_owned()), salt, iterations)?;
|
let digest = Sha256::derive(&Password::Plain(password.to_owned()), salt, iterations)?;
|
||||||
|
|
@ -68,6 +68,6 @@ impl Secret for Pbkdf2Sha256 {}
|
||||||
|
|
||||||
impl Pbkdf2Secret for Pbkdf2Sha256 {
|
impl Pbkdf2Secret for Pbkdf2Sha256 {
|
||||||
fn salt(&self) -> &[u8] { &self.salt }
|
fn salt(&self) -> &[u8] { &self.salt }
|
||||||
fn iterations(&self) -> usize { self.iterations }
|
fn iterations(&self) -> u32 { self.iterations }
|
||||||
fn digest(&self) -> &[u8] { &self.digest }
|
fn digest(&self) -> &[u8] { &self.digest }
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue