Bump RustCrypto crates
This commit is contained in:
Emmanuel Gil Peyrot
parent
5550148149
commit
af1d3c924a
5 changed files with 25 additions and 29 deletions
|
|
@ -21,7 +21,7 @@ scram = ["base64", "getrandom", "sha-1", "sha2", "hmac", "pbkdf2"]
|
||||||
[dependencies]
|
[dependencies]
|
||||||
base64 = { version = "0.12", optional = true }
|
base64 = { version = "0.12", optional = true }
|
||||||
getrandom = { version = "0.1", optional = true }
|
getrandom = { version = "0.1", optional = true }
|
||||||
sha-1 = { version = "0.8", optional = true }
|
sha-1 = { version = "0.9", optional = true }
|
||||||
sha2 = { version = "0.8", optional = true }
|
sha2 = { version = "0.9", optional = true }
|
||||||
hmac = { version = "0.7", optional = true }
|
hmac = { version = "0.8", optional = true }
|
||||||
pbkdf2 = { version = "0.3", default-features = false, optional = true }
|
pbkdf2 = { version = "0.4", default-features = false, optional = true }
|
||||||
|
|
|
||||||
|
|
@ -83,7 +83,7 @@ impl Secret {
|
||||||
pub fn password_pbkdf2<S: Into<String>>(
|
pub fn password_pbkdf2<S: Into<String>>(
|
||||||
method: S,
|
method: S,
|
||||||
salt: Vec<u8>,
|
salt: Vec<u8>,
|
||||||
iterations: usize,
|
iterations: u32,
|
||||||
data: Vec<u8>,
|
data: Vec<u8>,
|
||||||
) -> Secret {
|
) -> Secret {
|
||||||
Secret::Password(Password::Pbkdf2 {
|
Secret::Password(Password::Pbkdf2 {
|
||||||
|
|
@ -104,7 +104,7 @@ pub enum Password {
|
||||||
Pbkdf2 {
|
Pbkdf2 {
|
||||||
method: String,
|
method: String,
|
||||||
salt: Vec<u8>,
|
salt: Vec<u8>,
|
||||||
iterations: usize,
|
iterations: u32,
|
||||||
data: Vec<u8>,
|
data: Vec<u8>,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
use getrandom::{getrandom, Error as RngError};
|
use getrandom::{getrandom, Error as RngError};
|
||||||
use hmac::{crypto_mac::InvalidKeyLength, Hmac, Mac};
|
use hmac::{crypto_mac::InvalidKeyLength, Hmac, Mac, NewMac};
|
||||||
use pbkdf2::pbkdf2;
|
use pbkdf2::pbkdf2;
|
||||||
use sha1::{Digest, Sha1 as Sha1_hash};
|
use sha1::{Digest, Sha1 as Sha1_hash};
|
||||||
use sha2::Sha256 as Sha256_hash;
|
use sha2::Sha256 as Sha256_hash;
|
||||||
|
|
@ -21,7 +21,7 @@ pub fn generate_nonce() -> Result<String, RngError> {
|
||||||
pub enum DeriveError {
|
pub enum DeriveError {
|
||||||
IncompatibleHashingMethod(String, String),
|
IncompatibleHashingMethod(String, String),
|
||||||
IncorrectSalt,
|
IncorrectSalt,
|
||||||
IncompatibleIterationCount(usize, usize),
|
IncompatibleIterationCount(u32, u32),
|
||||||
}
|
}
|
||||||
|
|
||||||
impl std::fmt::Display for DeriveError {
|
impl std::fmt::Display for DeriveError {
|
||||||
|
|
@ -55,7 +55,7 @@ pub trait ScramProvider {
|
||||||
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength>;
|
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength>;
|
||||||
|
|
||||||
/// A function which does PBKDF2 key derivation using the hash function.
|
/// A function which does PBKDF2 key derivation using the hash function.
|
||||||
fn derive(data: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError>;
|
fn derive(data: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError>;
|
||||||
}
|
}
|
||||||
|
|
||||||
/// A `ScramProvider` which provides SCRAM-SHA-1 and SCRAM-SHA-1-PLUS
|
/// A `ScramProvider` which provides SCRAM-SHA-1 and SCRAM-SHA-1-PLUS
|
||||||
|
|
@ -78,14 +78,14 @@ impl ScramProvider for Sha1 {
|
||||||
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
|
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
|
||||||
type HmacSha1 = Hmac<Sha1_hash>;
|
type HmacSha1 = Hmac<Sha1_hash>;
|
||||||
let mut mac = HmacSha1::new_varkey(key)?;
|
let mut mac = HmacSha1::new_varkey(key)?;
|
||||||
mac.input(data);
|
mac.update(data);
|
||||||
let result = mac.result();
|
let result = mac.finalize();
|
||||||
let mut vec = Vec::with_capacity(Sha1_hash::output_size());
|
let mut vec = Vec::with_capacity(Sha1_hash::output_size());
|
||||||
vec.extend_from_slice(result.code().as_slice());
|
vec.extend_from_slice(result.into_bytes().as_slice());
|
||||||
Ok(vec)
|
Ok(vec)
|
||||||
}
|
}
|
||||||
|
|
||||||
fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError> {
|
fn derive(password: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError> {
|
||||||
match *password {
|
match *password {
|
||||||
Password::Plain(ref plain) => {
|
Password::Plain(ref plain) => {
|
||||||
let mut result = vec![0; 20];
|
let mut result = vec![0; 20];
|
||||||
|
|
@ -138,14 +138,14 @@ impl ScramProvider for Sha256 {
|
||||||
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
|
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
|
||||||
type HmacSha256 = Hmac<Sha256_hash>;
|
type HmacSha256 = Hmac<Sha256_hash>;
|
||||||
let mut mac = HmacSha256::new_varkey(key)?;
|
let mut mac = HmacSha256::new_varkey(key)?;
|
||||||
mac.input(data);
|
mac.update(data);
|
||||||
let result = mac.result();
|
let result = mac.finalize();
|
||||||
let mut vec = Vec::with_capacity(Sha256_hash::output_size());
|
let mut vec = Vec::with_capacity(Sha256_hash::output_size());
|
||||||
vec.extend_from_slice(result.code().as_slice());
|
vec.extend_from_slice(result.into_bytes().as_slice());
|
||||||
Ok(vec)
|
Ok(vec)
|
||||||
}
|
}
|
||||||
|
|
||||||
fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError> {
|
fn derive(password: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError> {
|
||||||
match *password {
|
match *password {
|
||||||
Password::Plain(ref plain) => {
|
Password::Plain(ref plain) => {
|
||||||
let mut result = vec![0; 32];
|
let mut result = vec![0; 32];
|
||||||
|
|
|
||||||
|
|
@ -39,7 +39,7 @@
|
||||||
//! const USERNAME: &'static str = "user";
|
//! const USERNAME: &'static str = "user";
|
||||||
//! const PASSWORD: &'static str = "pencil";
|
//! const PASSWORD: &'static str = "pencil";
|
||||||
//! const SALT: [u8; 8] = [35, 71, 92, 105, 212, 219, 114, 93];
|
//! const SALT: [u8; 8] = [35, 71, 92, 105, 212, 219, 114, 93];
|
||||||
//! const ITERATIONS: usize = 4096;
|
//! const ITERATIONS: u32 = 4096;
|
||||||
//!
|
//!
|
||||||
//! struct MyValidator;
|
//! struct MyValidator;
|
||||||
//!
|
//!
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,7 @@ pub trait Secret {}
|
||||||
|
|
||||||
pub trait Pbkdf2Secret {
|
pub trait Pbkdf2Secret {
|
||||||
fn salt(&self) -> &[u8];
|
fn salt(&self) -> &[u8];
|
||||||
fn iterations(&self) -> usize;
|
fn iterations(&self) -> u32;
|
||||||
fn digest(&self) -> &[u8];
|
fn digest(&self) -> &[u8];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -17,17 +17,13 @@ impl Secret for Plain {}
|
||||||
#[derive(Clone, Debug, PartialEq, Eq)]
|
#[derive(Clone, Debug, PartialEq, Eq)]
|
||||||
pub struct Pbkdf2Sha1 {
|
pub struct Pbkdf2Sha1 {
|
||||||
pub salt: Vec<u8>,
|
pub salt: Vec<u8>,
|
||||||
pub iterations: usize,
|
pub iterations: u32,
|
||||||
pub digest: Vec<u8>,
|
pub digest: Vec<u8>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Pbkdf2Sha1 {
|
impl Pbkdf2Sha1 {
|
||||||
#[cfg(feature = "scram")]
|
#[cfg(feature = "scram")]
|
||||||
pub fn derive(
|
pub fn derive(password: &str, salt: &[u8], iterations: u32) -> Result<Pbkdf2Sha1, DeriveError> {
|
||||||
password: &str,
|
|
||||||
salt: &[u8],
|
|
||||||
iterations: usize,
|
|
||||||
) -> Result<Pbkdf2Sha1, DeriveError> {
|
|
||||||
use crate::common::scram::{ScramProvider, Sha1};
|
use crate::common::scram::{ScramProvider, Sha1};
|
||||||
use crate::common::Password;
|
use crate::common::Password;
|
||||||
let digest = Sha1::derive(&Password::Plain(password.to_owned()), salt, iterations)?;
|
let digest = Sha1::derive(&Password::Plain(password.to_owned()), salt, iterations)?;
|
||||||
|
|
@ -45,7 +41,7 @@ impl Pbkdf2Secret for Pbkdf2Sha1 {
|
||||||
fn salt(&self) -> &[u8] {
|
fn salt(&self) -> &[u8] {
|
||||||
&self.salt
|
&self.salt
|
||||||
}
|
}
|
||||||
fn iterations(&self) -> usize {
|
fn iterations(&self) -> u32 {
|
||||||
self.iterations
|
self.iterations
|
||||||
}
|
}
|
||||||
fn digest(&self) -> &[u8] {
|
fn digest(&self) -> &[u8] {
|
||||||
|
|
@ -56,7 +52,7 @@ impl Pbkdf2Secret for Pbkdf2Sha1 {
|
||||||
#[derive(Clone, Debug, PartialEq, Eq)]
|
#[derive(Clone, Debug, PartialEq, Eq)]
|
||||||
pub struct Pbkdf2Sha256 {
|
pub struct Pbkdf2Sha256 {
|
||||||
pub salt: Vec<u8>,
|
pub salt: Vec<u8>,
|
||||||
pub iterations: usize,
|
pub iterations: u32,
|
||||||
pub digest: Vec<u8>,
|
pub digest: Vec<u8>,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -65,7 +61,7 @@ impl Pbkdf2Sha256 {
|
||||||
pub fn derive(
|
pub fn derive(
|
||||||
password: &str,
|
password: &str,
|
||||||
salt: &[u8],
|
salt: &[u8],
|
||||||
iterations: usize,
|
iterations: u32,
|
||||||
) -> Result<Pbkdf2Sha256, DeriveError> {
|
) -> Result<Pbkdf2Sha256, DeriveError> {
|
||||||
use crate::common::scram::{ScramProvider, Sha256};
|
use crate::common::scram::{ScramProvider, Sha256};
|
||||||
use crate::common::Password;
|
use crate::common::Password;
|
||||||
|
|
@ -84,7 +80,7 @@ impl Pbkdf2Secret for Pbkdf2Sha256 {
|
||||||
fn salt(&self) -> &[u8] {
|
fn salt(&self) -> &[u8] {
|
||||||
&self.salt
|
&self.salt
|
||||||
}
|
}
|
||||||
fn iterations(&self) -> usize {
|
fn iterations(&self) -> u32 {
|
||||||
self.iterations
|
self.iterations
|
||||||
}
|
}
|
||||||
fn digest(&self) -> &[u8] {
|
fn digest(&self) -> &[u8] {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue