Update aes dependency

Pierre HUBERT 2022-08-20 09:30:36 +02:00
parent 8b2d3b7fae
commit 68e0aa2565
4 changed files with 114 additions and 17 deletions

93
Cargo.lock generated

@ -270,6 +270,16 @@ dependencies = [
"generic-array", "generic-array",
] ]
[[package]]
name = "aead"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5c192eb8f11fc081b0fe4259ba5af04217d4e0faddd02417310a927911abd7c8"
dependencies = [
"crypto-common",
"generic-array",
]
[[package]] [[package]]
name = "aes" name = "aes"
version = "0.7.5" version = "0.7.5"
@ -282,17 +292,42 @@ dependencies = [
"opaque-debug", "opaque-debug",
] ]
[[package]]
name = "aes"
version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bfe0133578c0986e1fe3dfcd4af1cc5b2dd6c3dbf534d69916ce16a2701d40ba"
dependencies = [
"cfg-if",
"cipher 0.4.3",
"cpufeatures",
]
[[package]] [[package]]
name = "aes-gcm" name = "aes-gcm"
version = "0.9.4" version = "0.9.4"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df5f85a83a7d8b0442b6aa7b504b8212c1733da07b98aae43d4bc21b2cb3cdf6" checksum = "df5f85a83a7d8b0442b6aa7b504b8212c1733da07b98aae43d4bc21b2cb3cdf6"
dependencies = [ dependencies = [
"aead", "aead 0.4.3",
"aes", "aes 0.7.5",
"cipher 0.3.0", "cipher 0.3.0",
"ctr", "ctr 0.8.0",
"ghash", "ghash 0.4.4",
"subtle",
]
[[package]]
name = "aes-gcm"
version = "0.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "82e1366e0c69c9f927b1fa5ce2c7bf9eafc8f9268c0b9800729e8b267612447c"
dependencies = [
"aead 0.5.1",
"aes 0.8.1",
"cipher 0.4.3",
"ctr 0.9.1",
"ghash 0.5.0",
"subtle", "subtle",
] ]
@ -454,7 +489,7 @@ dependencies = [
"actix-identity", "actix-identity",
"actix-session", "actix-session",
"actix-web", "actix-web",
"aes-gcm", "aes-gcm 0.10.1",
"askama", "askama",
"base32", "base32",
"base64", "base64",
@ -711,7 +746,7 @@ version = "0.16.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "94d4706de1b0fa5b132270cddffa8585166037822e260a944fe161acd137ca05" checksum = "94d4706de1b0fa5b132270cddffa8585166037822e260a944fe161acd137ca05"
dependencies = [ dependencies = [
"aes-gcm", "aes-gcm 0.9.4",
"base64", "base64",
"hkdf", "hkdf",
"hmac 0.12.1", "hmac 0.12.1",
@ -816,6 +851,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
dependencies = [ dependencies = [
"generic-array", "generic-array",
"rand_core",
"typenum", "typenum",
] ]
@ -844,6 +880,15 @@ dependencies = [
"cipher 0.3.0", "cipher 0.3.0",
] ]
[[package]]
name = "ctr"
version = "0.9.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0d14f329cfbaf5d0e06b5e87fff7e265d2673c5ea7d2c27691a2c107db1442a0"
dependencies = [
"cipher 0.4.3",
]
[[package]] [[package]]
name = "deflate" name = "deflate"
version = "1.0.0" version = "1.0.0"
@ -1133,7 +1178,17 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1583cc1656d7839fd3732b80cf4f38850336cdb9b8ded1cd399ca62958de3c99" checksum = "1583cc1656d7839fd3732b80cf4f38850336cdb9b8ded1cd399ca62958de3c99"
dependencies = [ dependencies = [
"opaque-debug", "opaque-debug",
"polyval", "polyval 0.5.3",
]
[[package]]
name = "ghash"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d930750de5717d2dd0b8c0d42c076c0e884c81a73e6cab859bbd2339c71e3e40"
dependencies = [
"opaque-debug",
"polyval 0.6.0",
] ]
[[package]] [[package]]
@ -1907,7 +1962,19 @@ dependencies = [
"cfg-if", "cfg-if",
"cpufeatures", "cpufeatures",
"opaque-debug", "opaque-debug",
"universal-hash", "universal-hash 0.4.1",
]
[[package]]
name = "polyval"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7ef234e08c11dfcb2e56f79fd70f6f2eb7f025c0ce2333e82f4f0518ecad30c6"
dependencies = [
"cfg-if",
"cpufeatures",
"opaque-debug",
"universal-hash 0.5.0",
] ]
[[package]] [[package]]
@ -2585,6 +2652,16 @@ dependencies = [
"subtle", "subtle",
] ]
[[package]]
name = "universal-hash"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7d3160b73c9a19f7e2939a2fdad446c57c1bbbbf4d919d3213ff1267a580d8b5"
dependencies = [
"crypto-common",
"subtle",
]
[[package]] [[package]]
name = "unsafe-libyaml" name = "unsafe-libyaml"
version = "0.2.2" version = "0.2.2"


@ -34,5 +34,5 @@ base32 = "0.4.0"
qrcode-generator = "4.1.6" qrcode-generator = "4.1.6"
webauthn-rs = "0.3.2" webauthn-rs = "0.3.2"
url = "2.2.2" url = "2.2.2"
aes-gcm = { version = "0.9.4", features = ["aes"] } aes-gcm = { version = "0.10.1", features = ["aes"] }
bincode = "1.3.3" bincode = "1.3.3"


@ -1,8 +1,7 @@
use std::io::ErrorKind; use std::io::ErrorKind;
use aes_gcm::{Aes256Gcm, Key, Nonce}; use aes_gcm::{Aes256Gcm, Key, KeyInit, Nonce};
use aes_gcm::aead::Aead; use aes_gcm::aead::{Aead, OsRng};
use aes_gcm::NewAead;
use rand::Rng; use rand::Rng;
use serde::de::DeserializeOwned; use serde::de::DeserializeOwned;
use serde::Serialize; use serde::Serialize;
@ -10,21 +9,20 @@ use serde::Serialize;
use crate::utils::err::Res; use crate::utils::err::Res;
const NONCE_LEN: usize = 12; const NONCE_LEN: usize = 12;
const KEY_LEN: usize = 32;
pub struct CryptoWrapper { pub struct CryptoWrapper {
key: Vec<u8>, key: Key<Aes256Gcm>,
} }
impl CryptoWrapper { impl CryptoWrapper {
/// Generate a new memory wrapper /// Generate a new memory wrapper
pub fn new_random() -> Self { pub fn new_random() -> Self {
Self { key: (0..KEY_LEN).map(|_| { rand::random::<u8>() }).collect() } Self { key: Aes256Gcm::generate_key(&mut OsRng) }
} }
/// Encrypt some data /// Encrypt some data
pub fn encrypt<T: Serialize + DeserializeOwned>(&self, data: &T) -> Res<String> { pub fn encrypt<T: Serialize + DeserializeOwned>(&self, data: &T) -> Res<String> {
let aes_key = Aes256Gcm::new(Key::from_slice(&self.key)); let aes_key = Aes256Gcm::new(&self.key);
let nonce_bytes = rand::thread_rng().gen::<[u8; NONCE_LEN]>(); let nonce_bytes = rand::thread_rng().gen::<[u8; NONCE_LEN]>();
let serialized_data = bincode::serialize(data)?; let serialized_data = bincode::serialize(data)?;
@ -49,7 +47,7 @@ impl CryptoWrapper {
let (enc, nonce) = bytes.split_at(bytes.len() - NONCE_LEN); let (enc, nonce) = bytes.split_at(bytes.len() - NONCE_LEN);
assert_eq!(nonce.len(), NONCE_LEN); assert_eq!(nonce.len(), NONCE_LEN);
let aes_key = Aes256Gcm::new(Key::from_slice(&self.key)); let aes_key = Aes256Gcm::new(&self.key);
let dec = match aes_key.decrypt(Nonce::from_slice(nonce), enc) { let dec = match aes_key.decrypt(Nonce::from_slice(nonce), enc) {
Ok(d) => d, Ok(d) => d,
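Review bot: In `decrypt`, `bytes.split_at(bytes.len() - NONCE_LEN)` still panics when the decoded input is shorter than `NONCE_LEN` bytes, because the subtraction underflows (or `split_at` gets an out-of-range index) before the `assert_eq!` on the next line can run; the commit leaves this untouched. Where `bytes` comes from is outside the hunk, but if it is decoded from a client-supplied value, a truncated input ends in a panic instead of the error path used when `aes_key.decrypt` fails. A length guard ahead of the split, e.g. `if bytes.len() < NONCE_LEN { return Err(/* same error as the decrypt failure arm */); }`, keeps malformed input on the `Res` error path. Separately, `encrypt` still draws its nonce from `rand::thread_rng()` while the key now comes from `OsRng`; using one RNG source for both would let the `use rand::Rng` import go, and a comment that random 96-bit nonces limit how many messages one key should protect would help the next reader.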


@ -30,4 +30,26 @@ pub fn apply_env_vars(val: &str) -> String {
} }
val val
}
#[cfg(test)]
mod test {
use std::env;
use crate::utils::string_utils::apply_env_vars;
const VAR_ONE: &str = "VAR_ONE";
#[test]
fn test_apply_env_var() {
env::set_var(VAR_ONE, "good");
let src = format!("This is ${{{}}}", VAR_ONE);
assert_eq!("This is good", apply_env_vars(&src));
}
const VAR_INVALID: &str = "VAR_INV@LID";
#[test]
fn test_invalid_var_syntax() {
let src = format!("This is ${{{}}}", VAR_INVALID);
assert_eq!(src, apply_env_vars(&src));
}
} }
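Review bot: The new tests cover a variable that is set and a name with invalid syntax, but not a well-formed `${NAME}` placeholder whose variable is unset, which is the case most likely to matter when the substituted value is a secret or a URL in configuration. The body of `apply_env_vars` is outside this hunk, so whether it keeps the placeholder, substitutes an empty string or panics cannot be told from here; a third test pinning that behaviour would document it. `test_apply_env_var` also leaves `VAR_ONE` set in the process environment, which every test in the binary shares; a comment such as `// process-wide: keep this name unique to this test` or an `env::remove_var(VAR_ONE);` at the end of the test would make that explicit.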