diff --git a/sasl/Cargo.toml b/sasl/Cargo.toml index c94be0c9..e8101790 100644 --- a/sasl/Cargo.toml +++ b/sasl/Cargo.toml @@ -21,7 +21,7 @@ scram = ["base64", "getrandom", "sha-1", "sha2", "hmac", "pbkdf2"] [dependencies] base64 = { version = "0.12", optional = true } getrandom = { version = "0.1", optional = true } -sha-1 = { version = "0.8", optional = true } -sha2 = { version = "0.8", optional = true } -hmac = { version = "0.7", optional = true } -pbkdf2 = { version = "0.3", default-features = false, optional = true } +sha-1 = { version = "0.9", optional = true } +sha2 = { version = "0.9", optional = true } +hmac = { version = "0.8", optional = true } +pbkdf2 = { version = "0.4", default-features = false, optional = true } diff --git a/sasl/src/common/mod.rs b/sasl/src/common/mod.rs index 21444f78..a0922f11 100644 --- a/sasl/src/common/mod.rs +++ b/sasl/src/common/mod.rs @@ -83,7 +83,7 @@ impl Secret { pub fn password_pbkdf2>( method: S, salt: Vec, - iterations: usize, + iterations: u32, data: Vec, ) -> Secret { Secret::Password(Password::Pbkdf2 { @@ -104,7 +104,7 @@ pub enum Password { Pbkdf2 { method: String, salt: Vec, - iterations: usize, + iterations: u32, data: Vec, }, } diff --git a/sasl/src/common/scram.rs b/sasl/src/common/scram.rs index 4060ce46..6ac52f12 100644 --- a/sasl/src/common/scram.rs +++ b/sasl/src/common/scram.rs @@ -1,5 +1,5 @@ use getrandom::{getrandom, Error as RngError}; -use hmac::{crypto_mac::InvalidKeyLength, Hmac, Mac}; +use hmac::{crypto_mac::InvalidKeyLength, Hmac, Mac, NewMac}; use pbkdf2::pbkdf2; use sha1::{Digest, Sha1 as Sha1_hash}; use sha2::Sha256 as Sha256_hash; @@ -21,7 +21,7 @@ pub fn generate_nonce() -> Result { pub enum DeriveError { IncompatibleHashingMethod(String, String), IncorrectSalt, - IncompatibleIterationCount(usize, usize), + IncompatibleIterationCount(u32, u32), } impl std::fmt::Display for DeriveError { @@ -55,7 +55,7 @@ pub trait ScramProvider { fn hmac(data: &[u8], key: &[u8]) -> Result, InvalidKeyLength>; /// A function which does PBKDF2 key derivation using the hash function. - fn derive(data: &Password, salt: &[u8], iterations: usize) -> Result, DeriveError>; + fn derive(data: &Password, salt: &[u8], iterations: u32) -> Result, DeriveError>; } /// A `ScramProvider` which provides SCRAM-SHA-1 and SCRAM-SHA-1-PLUS @@ -78,14 +78,14 @@ impl ScramProvider for Sha1 { fn hmac(data: &[u8], key: &[u8]) -> Result, InvalidKeyLength> { type HmacSha1 = Hmac; let mut mac = HmacSha1::new_varkey(key)?; - mac.input(data); - let result = mac.result(); + mac.update(data); + let result = mac.finalize(); let mut vec = Vec::with_capacity(Sha1_hash::output_size()); - vec.extend_from_slice(result.code().as_slice()); + vec.extend_from_slice(result.into_bytes().as_slice()); Ok(vec) } - fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result, DeriveError> { + fn derive(password: &Password, salt: &[u8], iterations: u32) -> Result, DeriveError> { match *password { Password::Plain(ref plain) => { let mut result = vec![0; 20]; @@ -138,14 +138,14 @@ impl ScramProvider for Sha256 { fn hmac(data: &[u8], key: &[u8]) -> Result, InvalidKeyLength> { type HmacSha256 = Hmac; let mut mac = HmacSha256::new_varkey(key)?; - mac.input(data); - let result = mac.result(); + mac.update(data); + let result = mac.finalize(); let mut vec = Vec::with_capacity(Sha256_hash::output_size()); - vec.extend_from_slice(result.code().as_slice()); + vec.extend_from_slice(result.into_bytes().as_slice()); Ok(vec) } - fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result, DeriveError> { + fn derive(password: &Password, salt: &[u8], iterations: u32) -> Result, DeriveError> { match *password { Password::Plain(ref plain) => { let mut result = vec![0; 32]; diff --git a/sasl/src/lib.rs b/sasl/src/lib.rs index 9684814c..f99d062b 100644 --- a/sasl/src/lib.rs +++ b/sasl/src/lib.rs @@ -39,7 +39,7 @@ //! const USERNAME: &'static str = "user"; //! const PASSWORD: &'static str = "pencil"; //! const SALT: [u8; 8] = [35, 71, 92, 105, 212, 219, 114, 93]; -//! const ITERATIONS: usize = 4096; +//! const ITERATIONS: u32 = 4096; //! //! struct MyValidator; //! diff --git a/sasl/src/secret.rs b/sasl/src/secret.rs index 05b5850b..bfd5b4e5 100644 --- a/sasl/src/secret.rs +++ b/sasl/src/secret.rs @@ -5,7 +5,7 @@ pub trait Secret {} pub trait Pbkdf2Secret { fn salt(&self) -> &[u8]; - fn iterations(&self) -> usize; + fn iterations(&self) -> u32; fn digest(&self) -> &[u8]; } @@ -17,17 +17,13 @@ impl Secret for Plain {} #[derive(Clone, Debug, PartialEq, Eq)] pub struct Pbkdf2Sha1 { pub salt: Vec, - pub iterations: usize, + pub iterations: u32, pub digest: Vec, } impl Pbkdf2Sha1 { #[cfg(feature = "scram")] - pub fn derive( - password: &str, - salt: &[u8], - iterations: usize, - ) -> Result { + pub fn derive(password: &str, salt: &[u8], iterations: u32) -> Result { use crate::common::scram::{ScramProvider, Sha1}; use crate::common::Password; let digest = Sha1::derive(&Password::Plain(password.to_owned()), salt, iterations)?; @@ -45,7 +41,7 @@ impl Pbkdf2Secret for Pbkdf2Sha1 { fn salt(&self) -> &[u8] { &self.salt } - fn iterations(&self) -> usize { + fn iterations(&self) -> u32 { self.iterations } fn digest(&self) -> &[u8] { @@ -56,7 +52,7 @@ impl Pbkdf2Secret for Pbkdf2Sha1 { #[derive(Clone, Debug, PartialEq, Eq)] pub struct Pbkdf2Sha256 { pub salt: Vec, - pub iterations: usize, + pub iterations: u32, pub digest: Vec, } @@ -65,7 +61,7 @@ impl Pbkdf2Sha256 { pub fn derive( password: &str, salt: &[u8], - iterations: usize, + iterations: u32, ) -> Result { use crate::common::scram::{ScramProvider, Sha256}; use crate::common::Password; @@ -84,7 +80,7 @@ impl Pbkdf2Secret for Pbkdf2Sha256 { fn salt(&self) -> &[u8] { &self.salt } - fn iterations(&self) -> usize { + fn iterations(&self) -> u32 { self.iterations } fn digest(&self) -> &[u8] {