Merge pull request #109 from quexten/feature/argon2

Implement argon2 kdf
author: Jesse Luehrs <doy@tozt.net> 2023-03-25 22:01:37 -0500
committer: GitHub <noreply@github.com> 2023-03-25 22:01:37 -0500
commit: c12c7643779bc495ff5f26cfe0e924586ced3f2c (patch)
tree: 5207ee6eab126594e2b2af4a12af09ec97165e5c /src/identity.rs
parent: 2f9bd4eb45c57ce8e8d3011d7660223c05b50f98 (diff)
parent: 7b57f928e5fb345e02f6101d07d5cbbc7e540458 (diff)
download: rbw-c12c7643779bc495ff5f26cfe0e924586ced3f2c.tar.gz
rbw-c12c7643779bc495ff5f26cfe0e924586ced3f2c.zip
1 files changed, 36 insertions, 9 deletions
diff --git a/src/identity.rs b/src/identity.rs
index 8a5dc61..9bc435f 100644
--- a/src/identity.rs
+++ b/src/identity.rs
@@ -1,5 +1,6 @@
-use crate::prelude::*;
-
+use crate::{prelude::*, api::KdfType};
+use sha2::Digest;
+use argon2::Argon2;
 pub struct Identity {
     pub email: String,
     pub keys: crate::locked::Keys,
@@ -10,7 +11,10 @@ impl Identity {
     pub fn new(
         email: &str,
         password: &crate::locked::Password,
+        kdf: KdfType,
         iterations: u32,
+        memory: Option<u32>,
+        parallelism: Option<u32>,
     ) -> Result<Self> {
         let iterations = std::num::NonZeroU32::new(iterations)
             .ok_or(Error::Pbkdf2ZeroIterations)?;
@@ -19,14 +23,37 @@ impl Identity {
         keys.extend(std::iter::repeat(0).take(64));
 
         let enc_key = &mut keys.data_mut()[0..32];
-        pbkdf2::pbkdf2::<hmac::Hmac<sha2::Sha256>>(
-            password.password(),
-            email.as_bytes(),
-            iterations.get(),
-            enc_key,
-        )
-        .map_err(|_| Error::Pbkdf2)?;
 
+        match kdf {
+            KdfType::Pbkdf2 => {
+                pbkdf2::pbkdf2::<hmac::Hmac<sha2::Sha256>>(
+                    password.password(),
+                    email.as_bytes(),
+                    iterations.get(),
+                    enc_key,
+                )
+                .map_err(|_| Error::Pbkdf2)?;
+            }
+
+            KdfType::Argon2id => {
+                let mut hasher = sha2::Sha256::new();
+                hasher.update(email.as_bytes());
+                let mut salt = hasher.finalize();
+
+                let mut output_key_material = [0u8];
+                let argon2_config = Argon2::new(
+                    argon2::Algorithm::Argon2id,
+                    argon2::Version::V0x13,
+                    argon2::Params::new(memory.unwrap() * 1024,
+                        iterations.get(),
+                        parallelism.unwrap(),
+                        Some(32)).unwrap());
+                argon2::Argon2::hash_password_into(&argon2_config, password.password(), &mut salt, &mut output_key_material)
+                    .map_err(|_| Error::Argon2)?;
+                enc_key.copy_from_slice(&output_key_material);
+            }
+        };
+        
         let mut hash = crate::locked::Vec::new();
         hash.extend(std::iter::repeat(0).take(32));
         pbkdf2::pbkdf2::<hmac::Hmac<sha2::Sha256>>(
author	Jesse Luehrs <doy@tozt.net>	2023-03-25 22:01:37 -0500
committer	GitHub <noreply@github.com>	2023-03-25 22:01:37 -0500
commit	c12c7643779bc495ff5f26cfe0e924586ced3f2c (patch)
tree	5207ee6eab126594e2b2af4a12af09ec97165e5c /src/identity.rs
parent	2f9bd4eb45c57ce8e8d3011d7660223c05b50f98 (diff)
parent	7b57f928e5fb345e02f6101d07d5cbbc7e540458 (diff)
download	rbw-c12c7643779bc495ff5f26cfe0e924586ced3f2c.tar.gz rbw-c12c7643779bc495ff5f26cfe0e924586ced3f2c.zip