Diffstat (limited to 'src')
-rw-r--r-- | src/cipherstring.rs | 29 | ||||
-rw-r--r-- | src/error.rs | 5 | ||||
-rw-r--r-- | src/identity.rs | 27 |
3 files changed, 25 insertions, 36 deletions
diff --git a/src/cipherstring.rs b/src/cipherstring.rs index f213cf7..cd1d25b 100644 --- a/src/cipherstring.rs +++ b/src/cipherstring.rs @@ -1,6 +1,7 @@ use crate::prelude::*; use block_modes::BlockMode as _; +use hmac::{Mac as _, NewMac as _}; use rand::RngCore as _; pub enum CipherString { @@ -94,8 +95,6 @@ impl CipherString { ) -> Result<Self> { let iv = random_iv(); - // ring doesn't currently support CBC ciphers, so we have to do it - // manually. see https://github.com/briansmith/ring/issues/588 let cipher = block_modes::Cbc::< aes::Aes256, block_modes::block_padding::Pkcs7, @@ -103,12 +102,12 @@ impl CipherString { .map_err(|source| Error::CreateBlockMode { source })?; let ciphertext = cipher.encrypt_vec(plaintext); - let mut digest = ring::hmac::Context::with_key( - &ring::hmac::Key::new(ring::hmac::HMAC_SHA256, keys.mac_key()), - ); + let mut digest = + hmac::Hmac::<sha2::Sha256>::new_varkey(keys.mac_key()) + .map_err(|source| Error::CreateHmac { source })?; digest.update(&iv); digest.update(&ciphertext); - let mac = digest.sign().as_ref().to_vec(); + let mac = digest.finalize().into_bytes().as_slice().to_vec(); Ok(Self::Symmetric { iv, @@ -182,9 +181,6 @@ impl CipherString { ) -> Result<crate::locked::Vec> { match self { Self::Asymmetric { ciphertext } => { - // ring doesn't currently support asymmetric encryption (only - // signatures). see - // https://github.com/briansmith/ring/issues/691 let pkey = openssl::pkey::PKey::private_key_from_pkcs8( private_key.private_key(), ) 
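Review bot: In the `@@ -103,12 +102,12 @@` hunk, the MAC computation has no comment saying what is authenticated, and this commit removes the only nearby comments that explained the construction. I would add `// encrypt-then-MAC: HMAC-SHA256 over iv followed by ciphertext; decrypt_common_symmetric must feed the same order` above the `new_varkey` call, since a reordering on either side would surface only as `InvalidMac` at runtime. As a style point, `.as_slice()` is redundant on the last added line because the output array already derefs to a slice, so `let mac = digest.finalize().into_bytes().to_vec();` would do. The enclosing function starts and ends outside the hunk.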
@@ -223,21 +219,16 @@ fn decrypt_common_symmetric( ) -> Result<block_modes::Cbc<aes::Aes256, block_modes::block_padding::Pkcs7>> { if let Some(mac) = mac { - let key = - ring::hmac::Key::new(ring::hmac::HMAC_SHA256, keys.mac_key()); - // it'd be nice to not have to pull this into a vec, but ring - // doesn't currently support non-contiguous verification. see - // https://github.com/briansmith/ring/issues/615 - let data: Vec<_> = - iv.iter().chain(ciphertext.iter()).copied().collect(); + let mut key = hmac::Hmac::<sha2::Sha256>::new_varkey(keys.mac_key()) + .map_err(|source| Error::CreateHmac { source })?; + key.update(&iv); + key.update(&ciphertext); - if ring::hmac::verify(&key, &data, mac).is_err() { + if key.verify(mac).is_err() { return Err(Error::InvalidMac); } } - // ring doesn't currently support CBC ciphers, so we have to do it - // manually. see https://github.com/briansmith/ring/issues/588 Ok(block_modes::Cbc::< aes::Aes256, block_modes::block_padding::Pkcs7, diff --git a/src/error.rs b/src/error.rs index 3576aa1..28f8504 100644 --- a/src/error.rs +++ b/src/error.rs @@ -8,6 +8,11 @@ pub enum Error { source: block_modes::InvalidKeyIvLength, }, + #[error("failed to create block mode decryptor")] + CreateHmac { + source: hmac::crypto_mac::InvalidKeyLength, + }, + #[error("failed to create directory at {}", .file.display())] CreateDirectory { source: std::io::Error, diff --git a/src/identity.rs b/src/identity.rs index 602940f..90d4fad 100644 --- a/src/identity.rs +++ b/src/identity.rs 
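Review bot: In `decrypt_common_symmetric` the new HMAC instance is bound to `key`, although it is a keyed MAC state rather than key material, and the encrypt side calls the same object `digest`. I would rename it to `digest` here too and add `// Mac::verify compares the tag in constant time; do not replace with == on finalize() output` above `if key.verify(mac).is_err() {`, so the timing-safe property that `ring::hmac::verify` gave is not lost in a later refactor. Separately, the context line `if let Some(mac) = mac {` means a ciphertext without a MAC goes on to CBC decryption unauthenticated. Whether callers can reach that path with untrusted data is not visible in this hunk, but it deserves a comment stating when `None` is acceptable.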
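Review bot: The display text on the new `CreateHmac` variant is "failed to create block mode decryptor", which looks copied from the block-mode variant just above it and will mislead anyone reading the error output. Something like `#[error("failed to create hmac")]` matches the variant and its `hmac::crypto_mac::InvalidKeyLength` source. The enum continues outside the hunk.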
@@ -19,35 +19,28 @@ impl Identity { keys.extend(std::iter::repeat(0).take(64)); let enc_key = &mut keys.data_mut()[0..32]; - ring::pbkdf2::derive( - ring::pbkdf2::PBKDF2_HMAC_SHA256, - iterations, - email.as_bytes(), + pbkdf2::pbkdf2::<hmac::Hmac<sha2::Sha256>>( password.password(), + email.as_bytes(), + iterations.get(), enc_key, ); let mut hash = crate::locked::Vec::new(); hash.extend(std::iter::repeat(0).take(32)); - ring::pbkdf2::derive( - ring::pbkdf2::PBKDF2_HMAC_SHA256, - std::num::NonZeroU32::new(1).unwrap(), - password.password(), + pbkdf2::pbkdf2::<hmac::Hmac<sha2::Sha256>>( enc_key, + password.password(), + 1, hash.data_mut(), ); - let hkdf = - ring::hkdf::Prk::new_less_safe(ring::hkdf::HKDF_SHA256, enc_key); - hkdf.expand(&[b"enc"], ring::hkdf::HKDF_SHA256) - .map_err(|_| Error::HkdfExpand)? - .fill(enc_key) + let hkdf = hkdf::Hkdf::<sha2::Sha256>::from_prk(enc_key) + .map_err(|_| Error::HkdfExpand)?; + hkdf.expand(b"enc", enc_key) .map_err(|_| Error::HkdfExpand)?; - let mac_key = &mut keys.data_mut()[32..64]; - hkdf.expand(&[b"mac"], ring::hkdf::HKDF_SHA256) - .map_err(|_| Error::HkdfExpand)? - .fill(mac_key) + hkdf.expand(b"mac", mac_key) .map_err(|_| Error::HkdfExpand)?; let keys = crate::locked::Keys::new(keys); |
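Review bot: Both `pbkdf2::pbkdf2` calls take their byte-slice arguments in the opposite order from the removed `ring::pbkdf2::derive` calls (password before salt, where ring took salt before secret), and nothing in this hunk pins that the derived keys are unchanged. The order looks correct as written, but a swap would still compile and would silently derive different `enc_key`/`mac_key`/`hash` values. I would add `// pbkdf2(password, salt, rounds, out)` above each call, and add a known-answer test for a fixed email, password and iteration count whose expected output was produced by the previous ring-based code. As a smaller point, the `from_prk` failure is mapped to `Error::HkdfExpand`, which conflates an invalid PRK length with an expand failure. The enclosing `Identity` method starts and ends outside the hunk.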