diff options
author | Katharina Fey <kookie@spacekookie.de> | 2018-04-02 00:07:55 +0200 |
---|---|---|
committer | Katharina Fey <kookie@spacekookie.de> | 2018-04-02 00:07:55 +0200 |
commit | 5e3e52f1f7a8c0549f91b3b8c67dbd912a26dcea (patch) | |
tree | a15e576d1730da4dbb394beef7f74af88decf871 /src | |
parent | 974a5fb9c684b3cf972142a6367f473742985d35 (diff) |
Removing a bunch of code and bricking everything :D
Diffstat (limited to '')
-rw-r--r-- | src/security/aes.rs | 108 | ||||
-rw-r--r-- | src/security/encoding.rs | 17 | ||||
-rw-r--r-- | src/security/encryption.rs | 78 | ||||
-rw-r--r-- | src/security/hash.rs | 29 | ||||
-rw-r--r-- | src/security/keys.rs | 11 | ||||
-rw-r--r-- | src/security/mod.rs | 5 |
6 files changed, 6 insertions, 242 deletions
diff --git a/src/security/aes.rs b/src/security/aes.rs deleted file mode 100644 index a229dc2..0000000 --- a/src/security/aes.rs +++ /dev/null @@ -1,108 +0,0 @@ -//! Primitive AES encryption module -//! -//! This module has no concept of higher-level types. It only deals with vectors of raw data -//! and strings. It pads data wherever neccessary with symbols that are stripped out when -//! converting it to higher level types. -//! -//! This module is by no means perfect and shouldn't be considered incredibly secure. -//! The API can remain the same as features underneath are exchanged and hardnened. -//! - - -use aesni::{Aes128, BlockCipher}; -use generic_array::GenericArray; -use std::str::from_utf8_unchecked; - -use super::keys::{KEY_LENGTH, Key}; - -/// Low-level wrapper around the AES block encrypt functions -pub struct AES { - ctx: Aes128, - pub key: Key, -} - -impl AES { - /// Create a new AES context from a key context - pub fn new(key: &Key) -> AES { - return AES { - ctx: Aes128::new_varkey(&key.data).unwrap(), - key: key.clone(), - }; - } - - /// Encrypt a generic vector of data into another vector - pub fn encrypt(&self, d: &Vec<u8>) -> Vec<u8> { - let mut encrypted: Vec<u8> = Vec::new(); - let mut start: usize = 0; - let mut stop: usize = KEY_LENGTH; - - /* Pad the data */ - let padded = AES::pad(&d); - let padded_slice = padded.as_slice(); - - loop { - let slice = &padded_slice[start..stop]; - - /* Encrypt the slice in place */ - let mut block = GenericArray::clone_from_slice(slice); - self.ctx.encrypt_block(&mut block); - - for byte in block { - encrypted.push(byte); - } - - start = stop; - stop += KEY_LENGTH; - if padded.len() < stop { - break; - } - } - - return encrypted; - } - - pub fn decrypt(&self, vec: &Vec<u8>) -> String { - let mut decrypted = String::new(); - let mut start: usize = 0; - let mut stop: usize = KEY_LENGTH; - - loop { - let slice = &vec[start..stop]; - let mut block = GenericArray::clone_from_slice(slice); - - /* Encrypt block and push to collection */ - self.ctx.decrypt_block(&mut block); - decrypted.push_str(&AES::vec_to_str(&block)); - - start = stop; - stop += KEY_LENGTH; - if vec.len() < stop { - break; - } - } - - return decrypted; - } - - /* Some utility functions below */ - - fn pad(data: &Vec<u8>) -> Vec<u8> { - let mut padded = data.clone(); - - if padded.len() % KEY_LENGTH == 0 { - return padded; - } - - let to_pad = data.len() + (data.len() % KEY_LENGTH); - for _ in 1..to_pad { - padded.push(' ' as u8); - } - - return padded; - } - - /// Convert a vector of u8 into a utf-8 string - fn vec_to_str(vec: &[u8]) -> String { - return unsafe { String::from(from_utf8_unchecked(vec)) }; - } -} diff --git a/src/security/encoding.rs b/src/security/encoding.rs index 5c32251..d55d7e1 100644 --- a/src/security/encoding.rs +++ b/src/security/encoding.rs @@ -5,29 +5,16 @@ use std::fmt::Write; use std::str::from_utf8_unchecked; use base64; - -/// Takes a utf-8 string of raw binary data and converts itto base64 encoded form -#[deprecated] -pub fn encode_base64(data: &str) -> String { - return base64::encode(data.as_bytes()); -} - +/// Encode a piece of arbitary data into a bse64 string pub fn base64_encode(data: &Vec<u8>) -> String { return base64::encode(data); } +/// Decode a base64 string into arbitrary data pub fn base64_decode(data: &String) -> Vec<u8> { return base64::decode(data).unwrap(); } -/// Takes a base64 string and converts it to raw binary data -#[deprecated] -pub fn decode_base64(base64: &str) -> String { - let vec = base64::decode(base64).unwrap(); - let decoded = unsafe { from_utf8_unchecked(&vec) }; - return String::from(decoded); -} - /// Simply encode a byte-string as hexadecimal symbols #[allow(unused)] pub fn encode_hex(data: &str) -> String { diff --git a/src/security/encryption.rs b/src/security/encryption.rs deleted file mode 100644 index 3aea480..0000000 --- a/src/security/encryption.rs +++ /dev/null @@ -1,78 +0,0 @@ -//! High level utility wrapper module around crypto calls -//! - -use super::aes::AES; -use super::encoding; -use super::keys::Key; - -use serde_json; -use serde::Serialize; -use serde::de::DeserializeOwned; - - -pub trait Encryptor<'a, T: Serialize + DeserializeOwned> { - fn encrypt(&self, data: &T) -> String; - fn decrypt(&self, data: String) -> T; -} - - -/// Wraps high-level utilities -pub struct CryptoCtx { - core: AES, -} - -impl<'a, T: Serialize + DeserializeOwned> Encryptor<'a, T> for CryptoCtx { - - /// Generic encryption function for any higher level type that can be Serialised - /// - /// Returns a bse64 encoded string of ciphertext - fn encrypt(&self, data: &T) -> String { - let encoded = serde_json::to_string(&data).unwrap(); - let vec = str_to_vec(&encoded); - - /* ✨ M A G I C ✨ */ - let encrypted = self.core.encrypt(&vec); - let base64 = encoding::base64_encode(&encrypted); - return base64.to_owned(); - } - - /// Generic decryption function for any higher level type that can be Deserialised - /// - /// Takes a base64 encoded string as data - fn decrypt(&self, data: String) -> T { - let decoded: Vec<u8> = encoding::base64_decode(&data); - let decrypted: String = self.core.decrypt(&decoded); - - let data: T = serde_json::from_str(&decrypted).unwrap(); - return data; - } -} - -impl CryptoCtx { - - /// Create a new key and crypto context from scratch - pub fn new() -> CryptoCtx { - let k = Key::new(); - return CryptoCtx { core: AES::new(&k) }; - } - - /// Create a new context with an existing key - pub fn existing(key: &Key) -> CryptoCtx { - return CryptoCtx { core: AES::new(key) }; - } - - /// Get the currently in-use key - pub fn get_active_key(&self) -> &Key { - return &self.core.key; - } -} - - -/// Convert a utf-8 string to a vector of u8 -fn str_to_vec(string: &str) -> Vec<u8> { - let mut vec: Vec<u8> = Vec::new(); - for b in string.as_bytes() { - vec.push(*b); - } - return vec; -} diff --git a/src/security/hash.rs b/src/security/hash.rs index a54ec50..39d9f4c 100644 --- a/src/security/hash.rs +++ b/src/security/hash.rs @@ -25,32 +25,3 @@ pub fn blake2_16(data: &str, salt: &str) -> [u8; BLAKE_16_LENGTH] { return buffer; } - - - // use blake2::Blake2s; - // use blake2::digest::{Input, VariableOutput}; - // use std::fmt::Write; - - // let mut hasher = Blake2s::new(16).unwrap(); - // // instead of `input` method here we should use `process` - // hasher.process(b"hello world"); - // let mut buf = [0u8; 16]; - // hasher.variable_result(&mut buf).unwrap(); - - - -// use blake2::{Blake2b, Digest}; - -// let record = Record::new("facebook", "web"); -// let mut j = serde_json::to_string(&record).unwrap(); -// println!("{}", j); - -// // create a Blake2b object -// let mut hasher = Blake2b::new(); - -// // write input message -// hasher.input(j.as_bytes()); - -// // read hash digest and consume hasher -// let output = hasher.result(); -// println!("{:x}", output);
\ No newline at end of file diff --git a/src/security/keys.rs b/src/security/keys.rs index ec54ae7..f0c207d 100644 --- a/src/security/keys.rs +++ b/src/security/keys.rs @@ -4,12 +4,9 @@ use std::fs::File; -use std::ffi::OsStr; use std::io::prelude::*; use super::random; -use super::encoding; -use super::encryption::{CryptoCtx, Encryptor}; use super::hash; pub const KEY_LENGTH: usize = 16; @@ -29,8 +26,8 @@ impl Key { } /// Use a password as a key - pub fn from_password(password: &str) -> Key { - let hashed = hash::blake2_16(password, ""); // FIXME: Use some sort of salt here + pub fn from_password(password: &str, salt: &str) -> Key { + let hashed = hash::blake2_16(password, salt); let vec: Vec<u8> = Vec::new(); for b in &hashed { vec.push(b.clone()); @@ -40,7 +37,7 @@ impl Key { /// Load an encrypted key from disk pub fn load(path: &String, password: &str) -> Key { - let tmp_key = Key::from_password(password); + let tmp_key = Key::from_password(password, "REPLACE WITH SALT"); let ctx = CryptoCtx::existing(&tmp_key); /* Load encrypted from disk */ @@ -56,7 +53,7 @@ impl Key { /// Save the current key, encrypted to disk pub fn save(&self, path: &String, password: &str) { - let tmp_key = Key::from_password(password); + let tmp_key = Key::from_password(password, "REPLACE WITH SALT"); let ctx = CryptoCtx::existing(&tmp_key); let encrypted = ctx.encrypt(&self.clone()); diff --git a/src/security/mod.rs b/src/security/mod.rs index f86b8bc..f6d0315 100644 --- a/src/security/mod.rs +++ b/src/security/mod.rs @@ -8,8 +8,3 @@ pub mod encoding; pub mod random; pub mod hash; pub mod keys; - -// Core cryptography -pub mod aes; -pub mod encryption; -pub use self::encryption::*; |