liz/veilid
1
0
Fork 0
Code Pull Requests Packages Releases Activity

crypto update

Browse Source
This commit is contained in:
John Smith
2023-05-16 21:34:34 -04:00
parent 8660457f95
commit 9a43faaf10
10 changed files with 366 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
veilid-core/src/crypto/crypto_system.rs
View File

@@ -16,11 +16,8 @@ pub trait CryptoSystem {
fn random_bytes(&self, len: u32) -> Vec<u8>;
fn default_salt_length(&self) -> u32;
fn hash_password(&self, password: &[u8], salt: &[u8]) -> Result<String, VeilidAPIError>;
fn verify_password(
&self,
password: &[u8],
password_hash: String,
) -> Result<bool, VeilidAPIError>;
fn verify_password(&self, password: &[u8], password_hash: &str)
-> Result<bool, VeilidAPIError>;
fn derive_shared_secret(
&self,
password: &[u8],

4
veilid-core/src/crypto/none/mod.rs
View File

@@ -103,7 +103,7 @@ impl CryptoSystem for CryptoSystemNONE {
fn verify_password(
&self,
password: &[u8],
password_hash: String,
password_hash: &str,
) -> Result<bool, VeilidAPIError> {
let Some((salt, _)) = password_hash.split_once(":") else {
apibail_generic!("invalid format");
@@ -111,7 +111,7 @@ impl CryptoSystem for CryptoSystemNONE {
let Ok(salt) = BASE64URL_NOPAD.decode(salt.as_bytes()) else {
apibail_generic!("invalid salt");
};
return Ok(self.hash_password(password, &salt)? == password_hash);
return Ok(&self.hash_password(password, &salt)? == password_hash);
}
fn derive_shared_secret(

10
veilid-core/src/crypto/tests/test_crypto.rs
View File

@@ -195,11 +195,11 @@ pub async fn test_generation(vcrypto: CryptoSystemVersion) {
)
.expect_err("should reject long salt");
assert!(vcrypto.verify_password(b"abc123", pstr1.clone()).unwrap());
assert!(vcrypto.verify_password(b"abc123", pstr2.clone()).unwrap());
assert!(vcrypto.verify_password(b"abc123", pstr3.clone()).unwrap());
assert!(!vcrypto.verify_password(b"abc123", pstr4.clone()).unwrap());
assert!(!vcrypto.verify_password(b"abc123", pstr5.clone()).unwrap());
assert!(vcrypto.verify_password(b"abc123", &pstr1).unwrap());
assert!(vcrypto.verify_password(b"abc123", &pstr2).unwrap());
assert!(vcrypto.verify_password(b"abc123", &pstr3).unwrap());
assert!(!vcrypto.verify_password(b"abc123", &pstr4).unwrap());
assert!(!vcrypto.verify_password(b"abc123", &pstr5).unwrap());
let ss1 = vcrypto.derive_shared_secret(b"abc123", b"qwerasdf");
let ss2 = vcrypto.derive_shared_secret(b"abc123", b"qwerasdf");

4
veilid-core/src/crypto/vld0/mod.rs
View File

@@ -104,9 +104,9 @@ impl CryptoSystem for CryptoSystemVLD0 {
fn verify_password(
&self,
password: &[u8],
password_hash: String,
password_hash: &str,
) -> Result<bool, VeilidAPIError> {
let parsed_hash = PasswordHash::new(&password_hash).map_err(VeilidAPIError::generic)?;
let parsed_hash = PasswordHash::new(password_hash).map_err(VeilidAPIError::generic)?;
// Argon2 with default params (Argon2id v19)
let argon2 = Argon2::default();