author | Katharina Fey <kookie@spacekookie.de> | 2018-07-02 18:37:15 +0200 |
---|---|---|
committer | Katharina Fey <kookie@spacekookie.de> | 2018-07-02 18:37:15 +0200 |
commit | f2156e21b830ebc3cfd0f9eab4e7e01112e023b4 (patch) | |
tree | 410372dd1d2c47a0af1e0aa71541cd48eb9efaa0 /lockchain-core/src/crypto | |
parent | 99ff8f0ebae37069de690936f79c4d599851f952 (diff) |
Refactoring crypto module, moving `auth` into `users` module
Diffstat (limited to 'lockchain-core/src/crypto')
-rw-r--r-- | lockchain-core/src/crypto/encoding.rs | 24 | ||||
-rw-r--r-- | lockchain-core/src/crypto/hashing.rs | 25 | ||||
-rw-r--r-- | lockchain-core/src/crypto/mod.rs | 16 | ||||
-rw-r--r-- | lockchain-core/src/crypto/passwords/mod.rs | 7 | ||||
-rw-r--r-- | lockchain-core/src/crypto/random.rs | 46 | ||||
-rw-r--r-- | lockchain-core/src/crypto/utils.rs | 105 |
6 files changed, 111 insertions, 112 deletions
diff --git a/lockchain-core/src/crypto/encoding.rs b/lockchain-core/src/crypto/encoding.rs
new file mode 100644
index 0000000..0c49490
--- /dev/null
+++ b/lockchain-core/src/crypto/encoding.rs
@@ -0,0 +1,24 @@
+//! Easy to use encoding utility functions
+
+use base64;
+use std::fmt::Write;
+
+/// Encode a piece of arbitary data into a bse64 string
+pub fn base64_encode(data: &Vec<u8>) -> String {
+ return base64::encode(data);
+}
+
+/// Decode a base64 string into arbitrary data
+pub fn base64_decode(data: &String) -> Vec<u8> {
+ return base64::decode(data).unwrap();
+}
+
+/// Simply encode a byte-string as hexadecimal symbols
+pub fn encode_hex(data: &str) -> String {
+ let mut s = String::new();
+ for &byte in data.as_bytes() {
+ write!(&mut s, "{:X}", byte).expect("Unable to HEX encode!");
+ }
+
+ return s;
+}
\ No newline at end of file
diff --git a/lockchain-core/src/crypto/hashing.rs b/lockchain-core/src/crypto/hashing.rs
new file mode 100644
index 0000000..4a24a17
--- /dev/null
+++ b/lockchain-core/src/crypto/hashing.rs
@@ -0,0 +1,25 @@
+//! Hashing utility functions for various applications
+
+use blake2::digest::{Input, VariableOutput};
+use blake2::Blake2s;
+
+const BLAKE_16_LENGTH: usize = 16;
+
+/// Hash a value with blake2
+pub fn blake2(data: &str, salt: &str) -> [u8; BLAKE_16_LENGTH] {
+ let mut hasher = match Blake2s::new(BLAKE_16_LENGTH) {
+ Ok(res) => res,
+ Err(some) => panic!(some),
+ };
+
+ let to_hash = format!("{}{}", data, salt);
+ hasher.process(to_hash.as_bytes());
+
+ let mut buffer = [0u8; BLAKE_16_LENGTH];
+ match hasher.variable_result(&mut buffer) {
+ Ok(res) => res,
+ Err(e) => panic!(e),
+ };
+
+ return buffer;
+}
diff --git a/lockchain-core/src/crypto/mod.rs b/lockchain-core/src/crypto/mod.rs
index cbc9fb7..6fa17bb 100644
--- a/lockchain-core/src/crypto/mod.rs
+++ b/lockchain-core/src/crypto/mod.rs
@@ -1,20 +1,22 @@
-//! Shared cryptographic primitives for the lockchain ecosystem -//! -//! This is a secure storage vault after all, we need some -//! shared crypto helpers for all the other crates :) +//! Shared cryptographic primitives and utilities +//! +//! mod data; -mod utils; /// We re-export keybob's API here mod keys { - use traits::AutoEncoder; pub use keybob::{Key, KeyType}; + use traits::AutoEncoder; impl AutoEncoder for Key {} impl AutoEncoder for KeyType {} } +pub mod passwords; +pub mod encoding; +pub mod hashing; +pub mod random; + pub use self::data::PackedData; pub use self::keys::{Key, KeyType}; -pub use self::utils::*;
diff --git a/lockchain-core/src/crypto/passwords/mod.rs b/lockchain-core/src/crypto/passwords/mod.rs
new file mode 100644
index 0000000..331ec9d
--- /dev/null
+++ b/lockchain-core/src/crypto/passwords/mod.rs
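Review bot: In `encoding.rs`, `encode_hex` formats each byte with `{:X}`, which drops the leading zero for values below 0x10, so the output is not fixed-width and different inputs can encode to the same string (bytes 0x01 0x23 and 0x12 0x03 both give `123`); the line should be `write!(&mut s, "{:02X}", byte).expect("Unable to HEX encode!");`. In the same file, `base64_decode` calls `.unwrap()` on the decode result, so malformed base64 from disk or from a peer panics the caller instead of surfacing an error; returning `Result<Vec<u8>, base64::DecodeError>` would let callers reject corrupt vault data cleanly. Both functions are carried over unchanged from `utils.rs`, and neither doc comment mentions the panic.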
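Review bot: In `hashing.rs`, `blake2` builds its input with `format!("{}{}", data, salt)`, so the value and the salt are joined with no separator or length prefix and distinct pairs such as (`ab`, `c`) and (`a`, `bc`) produce the same digest. Feeding the fields unambiguously fixes that, for example `hasher.process(&(data.len() as u64).to_le_bytes());` followed by `hasher.process(data.as_bytes());` and `hasher.process(salt.as_bytes());`. That changes the output, so any stored digests would need regenerating. The doc comment should also state that the digest is 16 bytes long and that the function panics if the hasher rejects the requested length.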
@@ -0,0 +1,7 @@
+//! A series of password generators for user-facing applications
+
+
+
+pub enum PwType {
+
+}
diff --git a/lockchain-core/src/crypto/random.rs b/lockchain-core/src/crypto/random.rs
new file mode 100644
index 0000000..7d31992
--- /dev/null
+++ b/lockchain-core/src/crypto/random.rs
@@ -0,0 +1,46 @@
+//! A small convenience wrapper around `rand`
+
+use rand::{thread_rng, Rng};
+
+/// Generate a random number with an upper bound
+pub fn number(bound: u64) -> u64 {
+ return thread_rng().next_u64() % bound;
+}
+
+/// Generate a sequence of random bytes that are returned
+/// as a vector.
+///
+/// Can at most allocate 2048 bytes at a time
+/// FIXME: That shouldn't have a limit!
+pub fn bytes(length: usize) -> Vec<u8> {
+ let mut vec: Vec<u8> = Vec::new();
+
+ if length > 2048 {
+ return vec;
+ }
+
+ let mut random_data = [0u8; 2048];
+ thread_rng().fill_bytes(&mut random_data);
+
+ for i in 0..length {
+ vec.push(random_data[i]);
+ }
+
+ return vec;
+}
+
+/// A small utility wraper around bcrypt to allow
+/// easy password checking.
+pub mod passwd {
+ use bcrypt::{self, DEFAULT_COST};
+
+ /// Create a new password, returning a hash
+ pub fn create(pw: &str) -> Option<String> {
+ Some(bcrypt::hash(pw, DEFAULT_COST).ok()?)
+ }
+
+ /// Verify a password against it's stored hash
+ pub fn verify(pw: &str, hash: &str) -> Option<bool> {
+ bcrypt::verify(pw, hash).ok()
+ }
+}
diff --git a/lockchain-core/src/crypto/utils.rs b/lockchain-core/src/crypto/utils.rs
deleted file mode 100644
index 192703f..0000000
--- a/lockchain-core/src/crypto/utils.rs
+++ /dev/null
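Review bot: In `random.rs`, `bytes` returns an empty vector when `length` exceeds 2048, so a caller asking for a larger key, salt or nonce silently receives zero bytes of randomness rather than an error. The fixed 2048-byte scratch array is unnecessary; `let mut vec = vec![0u8; length];` then `thread_rng().fill_bytes(&mut vec);` and `return vec;` removes the limit the FIXME mentions and fills only what is requested. In the same hunk, `number` panics when `bound` is 0 and `next_u64() % bound` favours small results unless `bound` divides 2^64; `thread_rng().gen_range(0, bound)` avoids the bias, and the zero case should be documented under `# Panics`.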
@@ -1,105 +0,0 @@
-//! A collection of utility submodules
-
-/// Encoding module
-pub mod encoding {
- use base64;
- use std::fmt::Write;
-
- /// Encode a piece of arbitary data into a bse64 string
- pub fn base64_encode(data: &Vec<u8>) -> String {
- return base64::encode(data);
- }
-
- /// Decode a base64 string into arbitrary data
- pub fn base64_decode(data: &String) -> Vec<u8> {
- return base64::decode(data).unwrap();
- }
-
- /// Simply encode a byte-string as hexadecimal symbols
- pub fn encode_hex(data: &str) -> String {
- let mut s = String::new();
- for &byte in data.as_bytes() {
- write!(&mut s, "{:X}", byte).expect("Unable to HEX encode!");
- }
-
- return s;
- }
-}
-
-/// A hashing utility module
-pub mod hashing {
- use blake2::digest::{Input, VariableOutput};
- use blake2::Blake2s;
-
- const BLAKE_16_LENGTH: usize = 16;
-
- /// Hash a value with blake2
- pub fn blake2(data: &str, salt: &str) -> [u8; BLAKE_16_LENGTH] {
- let mut hasher = match Blake2s::new(BLAKE_16_LENGTH) {
- Ok(res) => res,
- Err(some) => panic!(some),
- };
-
- let to_hash = format!("{}{}", data, salt);
- hasher.process(to_hash.as_bytes());
-
- let mut buffer = [0u8; BLAKE_16_LENGTH];
- match hasher.variable_result(&mut buffer) {
- Ok(res) => res,
- Err(e) => panic!(e),
- };
-
- return buffer;
- }
-}
-
-/// Random number utility module for lockchain
-///
-/// Provides stateless secure random number and byte generation
-pub mod random {
- use rand::{thread_rng, Rng};
-
- /// Generate a random number with an upper bound
- pub fn number(bound: u64) -> u64 {
- return thread_rng().next_u64() % bound;
- }
-
- /// Generate a sequence of random bytes that are returned
- /// as a vector.
- ///
- /// Can at most allocate 2048 bytes at a time
- /// FIXME: That shouldn't have a limit!
- pub fn bytes(length: usize) -> Vec<u8> {
- let mut vec: Vec<u8> = Vec::new();
-
- if length > 2048 {
- return vec;
- }
-
- let mut random_data = [0u8; 2048];
- thread_rng().fill_bytes(&mut random_data);
-
- for i in 0..length {
- vec.push(random_data[i]);
- }
-
- return vec;
-
- }
-
- /// A small utility wraper around bcrypt to allow
- /// easy password checking.
- pub mod passwd {
- use bcrypt::{self, DEFAULT_COST};
-
- /// Create a new password, returning a hash
- pub fn create(pw: &str) -> Option<String> {
- Some(bcrypt::hash(pw, DEFAULT_COST).ok()?)
- }
-
- /// Verify a password against it's stored hash
- pub fn verify(pw: &str, hash: &str) -> Option<bool> {
- bcrypt::verify(pw, hash).ok()
- }
- }
-} |