blob: 4db04239128f7f4345229051d374fd3ddbd558eb (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
|
use zeroize::Zeroize;
pub struct Vec {
data: Box<arrayvec::ArrayVec<[u8; 4096]>>,
_lock: region::LockGuard,
}
impl Default for Vec {
fn default() -> Self {
let data = Box::new(arrayvec::ArrayVec::<_>::new());
// XXX it'd be nice to handle this better than .unwrap(), but it'd be
// a lot of effort
let lock = region::lock(data.as_ptr(), data.capacity()).unwrap();
Self { data, _lock: lock }
}
}
impl Vec {
pub fn new() -> Self {
Self::default()
}
pub fn data(&self) -> &[u8] {
self.data.as_slice()
}
pub fn data_mut(&mut self) -> &mut [u8] {
self.data.as_mut_slice()
}
pub fn extend(&mut self, it: impl Iterator<Item = u8>) {
self.data.extend(it);
}
pub fn truncate(&mut self, len: usize) {
self.data.truncate(len);
}
}
impl Drop for Vec {
fn drop(&mut self) {
self.extend(std::iter::repeat(0));
self.data.as_mut().zeroize();
}
}
pub struct Password {
password: Vec,
}
impl Password {
pub fn new(password: Vec) -> Self {
Self { password }
}
pub fn password(&self) -> &[u8] {
self.password.data()
}
}
pub struct Keys {
keys: Vec,
}
impl Keys {
pub fn new(keys: Vec) -> Self {
Self { keys }
}
pub fn enc_key(&self) -> &[u8] {
&self.keys.data()[0..32]
}
pub fn mac_key(&self) -> &[u8] {
&self.keys.data()[32..64]
}
}
pub struct PasswordHash {
hash: Vec,
}
impl PasswordHash {
pub fn new(hash: Vec) -> Self {
Self { hash }
}
pub fn hash(&self) -> &[u8] {
self.hash.data()
}
}
|