diff --git a/Cargo.lock b/Cargo.lock index a2495aa..b743d40 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -270,6 +270,16 @@ dependencies = [ "generic-array", ] +[[package]] +name = "aead" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c192eb8f11fc081b0fe4259ba5af04217d4e0faddd02417310a927911abd7c8" +dependencies = [ + "crypto-common", + "generic-array", +] + [[package]] name = "aes" version = "0.7.5" @@ -282,17 +292,42 @@ dependencies = [ "opaque-debug", ] +[[package]] +name = "aes" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bfe0133578c0986e1fe3dfcd4af1cc5b2dd6c3dbf534d69916ce16a2701d40ba" +dependencies = [ + "cfg-if", + "cipher 0.4.3", + "cpufeatures", +] + [[package]] name = "aes-gcm" version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "df5f85a83a7d8b0442b6aa7b504b8212c1733da07b98aae43d4bc21b2cb3cdf6" dependencies = [ - "aead", - "aes", + "aead 0.4.3", + "aes 0.7.5", "cipher 0.3.0", - "ctr", - "ghash", + "ctr 0.8.0", + "ghash 0.4.4", + "subtle", +] + +[[package]] +name = "aes-gcm" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "82e1366e0c69c9f927b1fa5ce2c7bf9eafc8f9268c0b9800729e8b267612447c" +dependencies = [ + "aead 0.5.1", + "aes 0.8.1", + "cipher 0.4.3", + "ctr 0.9.1", + "ghash 0.5.0", "subtle", ] @@ -454,7 +489,7 @@ dependencies = [ "actix-identity", "actix-session", "actix-web", - "aes-gcm", + "aes-gcm 0.10.1", "askama", "base32", "base64", @@ -711,7 +746,7 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94d4706de1b0fa5b132270cddffa8585166037822e260a944fe161acd137ca05" dependencies = [ - "aes-gcm", + "aes-gcm 0.9.4", "base64", "hkdf", "hmac 0.12.1", 
@@ -816,6 +851,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" dependencies = [ "generic-array", + "rand_core", "typenum", ] @@ -844,6 +880,15 @@ dependencies = [ "cipher 0.3.0", ] +[[package]] +name = "ctr" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d14f329cfbaf5d0e06b5e87fff7e265d2673c5ea7d2c27691a2c107db1442a0" +dependencies = [ + "cipher 0.4.3", +] + [[package]] name = "deflate" version = "1.0.0" @@ -1133,7 +1178,17 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1583cc1656d7839fd3732b80cf4f38850336cdb9b8ded1cd399ca62958de3c99" dependencies = [ "opaque-debug", - "polyval", + "polyval 0.5.3", +] + +[[package]] +name = "ghash" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d930750de5717d2dd0b8c0d42c076c0e884c81a73e6cab859bbd2339c71e3e40" +dependencies = [ + "opaque-debug", + "polyval 0.6.0", ] [[package]] @@ -1907,7 +1962,19 @@ dependencies = [ "cfg-if", "cpufeatures", "opaque-debug", - "universal-hash", + "universal-hash 0.4.1", +] + +[[package]] +name = "polyval" +version = "0.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7ef234e08c11dfcb2e56f79fd70f6f2eb7f025c0ce2333e82f4f0518ecad30c6" +dependencies = [ + "cfg-if", + "cpufeatures", + "opaque-debug", + "universal-hash 0.5.0", ] [[package]] @@ -2585,6 +2652,16 @@ dependencies = [ "subtle", ] +[[package]] +name = "universal-hash" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7d3160b73c9a19f7e2939a2fdad446c57c1bbbbf4d919d3213ff1267a580d8b5" +dependencies = [ + "crypto-common", + "subtle", +] + [[package]] name = "unsafe-libyaml" version = "0.2.2" diff --git a/Cargo.toml b/Cargo.toml index da826e2..32cb63d 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -34,5 +34,5 @@ base32 = "0.4.0"
 qrcode-generator = "4.1.6"
 webauthn-rs = "0.3.2"
 url = "2.2.2"
-aes-gcm = { version = "0.9.4", features = ["aes"] }
+aes-gcm = { version = "0.10.1", features = ["aes"] }
 bincode = "1.3.3"
\ No newline at end of file
diff --git a/src/data/crypto_wrapper.rs b/src/data/crypto_wrapper.rs
index f26ce28..dfb8588 100644
--- a/src/data/crypto_wrapper.rs
+++ b/src/data/crypto_wrapper.rs
@@ -1,8 +1,7 @@
 use std::io::ErrorKind;
-use aes_gcm::{Aes256Gcm, Key, Nonce};
-use aes_gcm::aead::Aead;
-use aes_gcm::NewAead;
+use aes_gcm::{Aes256Gcm, Key, KeyInit, Nonce};
+use aes_gcm::aead::{Aead, OsRng};
 use rand::Rng;
 use serde::de::DeserializeOwned;
 use serde::Serialize;
@@ -10,21 +9,20 @@ use serde::Serialize;
 use crate::utils::err::Res;
 const NONCE_LEN: usize = 12;
-const KEY_LEN: usize = 32;
 pub struct CryptoWrapper {
- key: Vec,
+ key: Key,
 }
 impl CryptoWrapper {
 /// Generate a new memory wrapper
 pub fn new_random() -> Self {
- Self { key: (0..KEY_LEN).map(|_| { rand::random::() }).collect() }
+ Self { key: Aes256Gcm::generate_key(&mut OsRng) }
 }
 /// Encrypt some data
 pub fn encrypt(&self, data: &T) -> Res {
- let aes_key = Aes256Gcm::new(Key::from_slice(&self.key));
+ let aes_key = Aes256Gcm::new(&self.key);
 let nonce_bytes = rand::thread_rng().gen::<[u8; NONCE_LEN]>();
 let serialized_data = bincode::serialize(data)?;
@@ -49,7 +47,7 @@ impl CryptoWrapper {
 let (enc, nonce) = bytes.split_at(bytes.len() - NONCE_LEN);
 assert_eq!(nonce.len(), NONCE_LEN);
- let aes_key = Aes256Gcm::new(Key::from_slice(&self.key));
+ let aes_key = Aes256Gcm::new(&self.key);
 let dec = match aes_key.decrypt(Nonce::from_slice(nonce), enc) {
 Ok(d) => d,
diff --git a/src/utils/string_utils.rs b/src/utils/string_utils.rs
index 418d924..2427066 100644
--- a/src/utils/string_utils.rs
+++ b/src/utils/string_utils.rs
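Review bot: In `encrypt` (src/data/crypto_wrapper.rs, hunk `@@ -10,21 +9,20 @@`) the per-message nonce is still drawn with `rand::thread_rng().gen::<[u8; NONCE_LEN]>()` although the key now comes from `OsRng`, so the file keeps two randomness sources and the `rand::Rng` import for this one line. The aead 0.5 line provides `AeadCore::generate_nonce`, so the line could read `let nonce_bytes = Aes256Gcm::generate_nonce(&mut OsRng);` with `AeadCore` added to the `aes_gcm::aead` import, provided the locked aead 0.5.1 exposes it; the lines that consume `nonce_bytes` are outside the hunk and may need adjusting. The doc comment on `encrypt` should also state that every call uses a fresh random 96-bit nonce and that this is only safe while the number of messages under one key stays bounded (NIST SP 800-38D limits random-nonce GCM to 2^32 invocations per key). The body of `encrypt` continues past the end of this hunk.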
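Review bot: In `decrypt` (src/data/crypto_wrapper.rs, hunk `@@ -49,7 +47,7 @@`) the context line `bytes.split_at(bytes.len() - NONCE_LEN)` runs without a length check, so an input shorter than `NONCE_LEN` bytes underflows the subtraction and panics (in a release build the wrapped value makes `split_at` panic) instead of returning an error. The callers are not visible here, but if the blob can come from outside the process, a truncated value becomes a crash rather than a rejected input. Guard the split with `let Some(split) = bytes.len().checked_sub(NONCE_LEN) else { /* return the same Err as the decrypt-failure arm */ };` and pass `split` to `split_at`; the `assert_eq!` on the nonce length is then redundant. `decrypt` starts before and ends after this hunk, so the exact error value has to follow the existing failure arm.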
@@ -30,4 +30,26 @@ pub fn apply_env_vars(val: &str) -> String {
 }
 val
+}
+
+#[cfg(test)]
+mod test {
+ use std::env;
+ use crate::utils::string_utils::apply_env_vars;
+
+ const VAR_ONE: &str = "VAR_ONE";
+ #[test]
+ fn test_apply_env_var() {
+ env::set_var(VAR_ONE, "good");
+ let src = format!("This is ${{{}}}", VAR_ONE);
+ assert_eq!("This is good", apply_env_vars(&src));
+ }
+
+ const VAR_INVALID: &str = "VAR_INV@LID";
+
+ #[test]
+ fn test_invalid_var_syntax() {
+ let src = format!("This is ${{{}}}", VAR_INVALID);
+ assert_eq!(src, apply_env_vars(&src));
+ }
 }
\ No newline at end of file
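Review bot: `test_apply_env_var` sets the process-wide variable with `env::set_var(VAR_ONE, "good")` and never removes it, so the value stays visible to every other test in the same binary, which run on parallel threads. A name less likely to collide, such as `const VAR_ONE: &str = "STRING_UTILS_TEST_VAR_ONE";`, plus `env::remove_var(VAR_ONE);` after the assertion would keep the test self-contained. The module also has no case for a syntactically valid but unset variable, which is the input a misconfigured deployment is most likely to feed into `apply_env_vars`; a third test should pin the intended result there. The body of `apply_env_vars` is mostly outside this hunk, so that expected value has to be taken from the function itself.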