Update aes dependency

Cargo.lock

@@ -270,6 +270,16 @@ dependencies = [
  "generic-array",
 ]
 
+[[package]]
+name = "aead"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5c192eb8f11fc081b0fe4259ba5af04217d4e0faddd02417310a927911abd7c8"
+dependencies = [
+ "crypto-common",
+ "generic-array",
+]
+
 [[package]]
 name = "aes"
 version = "0.7.5"
@@ -282,17 +292,42 @@ dependencies = [
  "opaque-debug",
 ]
 
+[[package]]
+name = "aes"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bfe0133578c0986e1fe3dfcd4af1cc5b2dd6c3dbf534d69916ce16a2701d40ba"
+dependencies = [
+ "cfg-if",
+ "cipher 0.4.3",
+ "cpufeatures",
+]
+
 [[package]]
 name = "aes-gcm"
 version = "0.9.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "df5f85a83a7d8b0442b6aa7b504b8212c1733da07b98aae43d4bc21b2cb3cdf6"
 dependencies = [
- "aead",
- "aes",
+ "aead 0.4.3",
+ "aes 0.7.5",
  "cipher 0.3.0",
- "ctr",
- "ghash",
+ "ctr 0.8.0",
+ "ghash 0.4.4",
+ "subtle",
+]
+
+[[package]]
+name = "aes-gcm"
+version = "0.10.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "82e1366e0c69c9f927b1fa5ce2c7bf9eafc8f9268c0b9800729e8b267612447c"
+dependencies = [
+ "aead 0.5.1",
+ "aes 0.8.1",
+ "cipher 0.4.3",
+ "ctr 0.9.1",
+ "ghash 0.5.0",
  "subtle",
 ]
 
@@ -454,7 +489,7 @@ dependencies = [
  "actix-identity",
  "actix-session",
  "actix-web",
- "aes-gcm",
+ "aes-gcm 0.10.1",
  "askama",
  "base32",
  "base64",
@@ -711,7 +746,7 @@ version = "0.16.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "94d4706de1b0fa5b132270cddffa8585166037822e260a944fe161acd137ca05"
 dependencies = [
- "aes-gcm",
+ "aes-gcm 0.9.4",
  "base64",
  "hkdf",
  "hmac 0.12.1",
@@ -816,6 +851,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
 dependencies = [
  "generic-array",
+ "rand_core",
  "typenum",
 ]
 
@@ -844,6 +880,15 @@ dependencies = [
  "cipher 0.3.0",
 ]
 
+[[package]]
+name = "ctr"
+version = "0.9.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0d14f329cfbaf5d0e06b5e87fff7e265d2673c5ea7d2c27691a2c107db1442a0"
+dependencies = [
+ "cipher 0.4.3",
+]
+
 [[package]]
 name = "deflate"
 version = "1.0.0"
@@ -1133,7 +1178,17 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1583cc1656d7839fd3732b80cf4f38850336cdb9b8ded1cd399ca62958de3c99"
 dependencies = [
  "opaque-debug",
- "polyval",
+ "polyval 0.5.3",
+]
+
+[[package]]
+name = "ghash"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d930750de5717d2dd0b8c0d42c076c0e884c81a73e6cab859bbd2339c71e3e40"
+dependencies = [
+ "opaque-debug",
+ "polyval 0.6.0",
 ]
 
 [[package]]
@@ -1907,7 +1962,19 @@ dependencies = [
  "cfg-if",
  "cpufeatures",
  "opaque-debug",
- "universal-hash",
+ "universal-hash 0.4.1",
+]
+
+[[package]]
+name = "polyval"
+version = "0.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7ef234e08c11dfcb2e56f79fd70f6f2eb7f025c0ce2333e82f4f0518ecad30c6"
+dependencies = [
+ "cfg-if",
+ "cpufeatures",
+ "opaque-debug",
+ "universal-hash 0.5.0",
 ]
 
 [[package]]
@@ -2585,6 +2652,16 @@ dependencies = [
  "subtle",
 ]
 
+[[package]]
+name = "universal-hash"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7d3160b73c9a19f7e2939a2fdad446c57c1bbbbf4d919d3213ff1267a580d8b5"
+dependencies = [
+ "crypto-common",
+ "subtle",
+]
+
 [[package]]
 name = "unsafe-libyaml"
 version = "0.2.2"

Cargo.toml

@@ -34,5 +34,5 @@ base32 = "0.4.0"
 qrcode-generator = "4.1.6"
 webauthn-rs = "0.3.2"
 url = "2.2.2"
-aes-gcm = { version = "0.9.4", features = ["aes"] }
+aes-gcm = { version = "0.10.1", features = ["aes"] }
 bincode = "1.3.3"

src/data/crypto_wrapper.rs

@@ -1,8 +1,7 @@
 use std::io::ErrorKind;
 
-use aes_gcm::{Aes256Gcm, Key, Nonce};
-use aes_gcm::aead::Aead;
-use aes_gcm::NewAead;
+use aes_gcm::{Aes256Gcm, Key, KeyInit, Nonce};
+use aes_gcm::aead::{Aead, OsRng};
 use rand::Rng;
 use serde::de::DeserializeOwned;
 use serde::Serialize;
@@ -10,21 +9,20 @@ use serde::Serialize;
 use crate::utils::err::Res;
 
 const NONCE_LEN: usize = 12;
-const KEY_LEN: usize = 32;
 
 pub struct CryptoWrapper {
-    key: Vec<u8>,
+    key: Key<Aes256Gcm>,
 }
 
 impl CryptoWrapper {
     /// Generate a new memory wrapper
     pub fn new_random() -> Self {
-        Self { key: (0..KEY_LEN).map(|_| { rand::random::<u8>() }).collect() }
+        Self { key: Aes256Gcm::generate_key(&mut OsRng) }
     }
 
     /// Encrypt some data
     pub fn encrypt<T: Serialize + DeserializeOwned>(&self, data: &T) -> Res<String> {
-        let aes_key = Aes256Gcm::new(Key::from_slice(&self.key));
+        let aes_key = Aes256Gcm::new(&self.key);
         let nonce_bytes = rand::thread_rng().gen::<[u8; NONCE_LEN]>();
 
         let serialized_data = bincode::serialize(data)?;
@@ -49,7 +47,7 @@ impl CryptoWrapper {
         let (enc, nonce) = bytes.split_at(bytes.len() - NONCE_LEN);
         assert_eq!(nonce.len(), NONCE_LEN);
 
-        let aes_key = Aes256Gcm::new(Key::from_slice(&self.key));
+        let aes_key = Aes256Gcm::new(&self.key);
 
         let dec = match aes_key.decrypt(Nonce::from_slice(nonce), enc) {
             Ok(d) => d,

src/utils/string_utils.rs

@@ -30,4 +30,26 @@ pub fn apply_env_vars(val: &str) -> String {
     }
 
     val
+}
+
+#[cfg(test)]
+mod test {
+    use std::env;
+    use crate::utils::string_utils::apply_env_vars;
+
+    const VAR_ONE: &str = "VAR_ONE";
+    #[test]
+    fn test_apply_env_var() {
+        env::set_var(VAR_ONE, "good");
+        let src = format!("This is ${{{}}}", VAR_ONE);
+        assert_eq!("This is good", apply_env_vars(&src));
+    }
+
+    const VAR_INVALID: &str = "VAR_INV@LID";
+
+    #[test]
+    fn test_invalid_var_syntax() {
+        let src = format!("This is ${{{}}}", VAR_INVALID);
+        assert_eq!(src, apply_env_vars(&src));
+    }
 }