2018-12-30 23:34:31 +01:00
|
|
|
//
|
|
|
|
// PBKDF2 derivation
|
|
|
|
//
|
2020-07-14 18:00:09 +02:00
|
|
|
use std::num::NonZeroU32;
|
2018-02-10 01:00:55 +01:00
|
|
|
|
2021-05-25 12:48:57 +02:00
|
|
|
use data_encoding::HEXLOWER;
|
2019-04-26 22:08:26 +02:00
|
|
|
use ring::{digest, hmac, pbkdf2};
|
2020-07-14 18:00:09 +02:00
|
|
|
|
|
|
|
use crate::error::Error;
|
2018-02-10 01:00:55 +01:00
|
|
|
|
2020-03-16 16:39:20 +01:00
|
|
|
static DIGEST_ALG: pbkdf2::Algorithm = pbkdf2::PBKDF2_HMAC_SHA256;
|
2018-02-10 01:00:55 +01:00
|
|
|
const OUTPUT_LEN: usize = digest::SHA256_OUTPUT_LEN;
|
|
|
|
|
|
|
|
pub fn hash_password(secret: &[u8], salt: &[u8], iterations: u32) -> Vec<u8> {
|
|
|
|
let mut out = vec![0u8; OUTPUT_LEN]; // Initialize array with zeros
|
|
|
|
|
2019-03-09 14:42:16 +01:00
|
|
|
let iterations = NonZeroU32::new(iterations).expect("Iterations can't be zero");
|
2018-02-10 01:00:55 +01:00
|
|
|
pbkdf2::derive(DIGEST_ALG, iterations, salt, secret, &mut out);
|
|
|
|
|
|
|
|
out
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn verify_password_hash(secret: &[u8], salt: &[u8], previous: &[u8], iterations: u32) -> bool {
|
2019-03-09 14:42:16 +01:00
|
|
|
let iterations = NonZeroU32::new(iterations).expect("Iterations can't be zero");
|
2018-02-10 01:00:55 +01:00
|
|
|
pbkdf2::verify(DIGEST_ALG, iterations, salt, secret, previous).is_ok()
|
|
|
|
}
|
|
|
|
|
2019-04-05 22:09:53 +02:00
|
|
|
//
|
|
|
|
// HMAC
|
|
|
|
//
|
2019-04-26 22:08:26 +02:00
|
|
|
pub fn hmac_sign(key: &str, data: &str) -> String {
|
2020-03-16 16:39:20 +01:00
|
|
|
let key = hmac::Key::new(hmac::HMAC_SHA1_FOR_LEGACY_USE_ONLY, key.as_bytes());
|
2019-04-05 22:09:53 +02:00
|
|
|
let signature = hmac::sign(&key, data.as_bytes());
|
|
|
|
|
|
|
|
HEXLOWER.encode(signature.as_ref())
|
|
|
|
}
|
|
|
|
|
2018-12-30 23:34:31 +01:00
|
|
|
//
|
|
|
|
// Random values
|
|
|
|
//
|
2018-02-10 01:00:55 +01:00
|
|
|
|
|
|
|
pub fn get_random_64() -> Vec<u8> {
|
|
|
|
get_random(vec![0u8; 64])
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn get_random(mut array: Vec<u8>) -> Vec<u8> {
|
|
|
|
use ring::rand::{SecureRandom, SystemRandom};
|
|
|
|
|
2021-04-06 22:54:42 +02:00
|
|
|
SystemRandom::new().fill(&mut array).expect("Error generating random values");
|
2018-02-10 01:00:55 +01:00
|
|
|
|
|
|
|
array
|
|
|
|
}
|
2019-02-11 23:45:55 +01:00
|
|
|
|
2022-01-19 11:51:26 +01:00
|
|
|
/// Generates a random string over a specified alphabet.
|
|
|
|
pub fn get_random_string(alphabet: &[u8], num_chars: usize) -> String {
|
|
|
|
// Ref: https://rust-lang-nursery.github.io/rust-cookbook/algorithms/randomness.html
|
|
|
|
use rand::Rng;
|
|
|
|
let mut rng = rand::thread_rng();
|
|
|
|
|
|
|
|
(0..num_chars)
|
|
|
|
.map(|_| {
|
|
|
|
let i = rng.gen_range(0..alphabet.len());
|
|
|
|
alphabet[i] as char
|
|
|
|
})
|
|
|
|
.collect()
|
|
|
|
}
|
|
|
|
|
|
|
|
/// Generates a random alphanumeric string.
|
|
|
|
pub fn get_random_string_alphanum(num_chars: usize) -> String {
|
|
|
|
const ALPHABET: &[u8] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZ\
|
|
|
|
abcdefghijklmnopqrstuvwxyz\
|
|
|
|
0123456789";
|
|
|
|
get_random_string(ALPHABET, num_chars)
|
|
|
|
}
|
|
|
|
|
2021-05-26 08:15:24 +02:00
|
|
|
pub fn generate_id(num_bytes: usize) -> String {
|
|
|
|
HEXLOWER.encode(&get_random(vec![0; num_bytes]))
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn generate_send_id() -> String {
|
|
|
|
// Send IDs are globally scoped, so make them longer to avoid collisions.
|
|
|
|
generate_id(32) // 256 bits
|
|
|
|
}
|
|
|
|
|
|
|
|
pub fn generate_attachment_id() -> String {
|
|
|
|
// Attachment IDs are scoped to a cipher, so they can be smaller.
|
|
|
|
generate_id(10) // 80 bits
|
2021-05-25 12:48:57 +02:00
|
|
|
}
|
|
|
|
|
2019-11-25 06:28:49 +01:00
|
|
|
pub fn generate_token(token_size: u32) -> Result<String, Error> {
|
2020-08-23 01:07:53 +02:00
|
|
|
// A u64 can represent all whole numbers up to 19 digits long.
|
2019-11-25 06:28:49 +01:00
|
|
|
if token_size > 19 {
|
2020-08-23 01:07:53 +02:00
|
|
|
err!("Token size is limited to 19 digits")
|
2019-11-25 06:28:49 +01:00
|
|
|
}
|
|
|
|
|
2020-08-23 01:07:53 +02:00
|
|
|
let low: u64 = 0;
|
|
|
|
let high: u64 = 10u64.pow(token_size);
|
2019-11-25 06:28:49 +01:00
|
|
|
|
2020-08-23 01:07:53 +02:00
|
|
|
// Generate a random number in the range [low, high), then format it as a
|
|
|
|
// token of fixed width, left-padding with 0 as needed.
|
|
|
|
use rand::{thread_rng, Rng};
|
|
|
|
let mut rng = thread_rng();
|
2021-01-31 20:07:42 +01:00
|
|
|
let number: u64 = rng.gen_range(low..high);
|
2019-11-25 06:28:49 +01:00
|
|
|
let token = format!("{:0size$}", number, size = token_size as usize);
|
2020-08-23 01:07:53 +02:00
|
|
|
|
2019-11-25 06:28:49 +01:00
|
|
|
Ok(token)
|
|
|
|
}
|
|
|
|
|
2022-01-19 11:51:26 +01:00
|
|
|
/// Generates a personal API key.
|
|
|
|
/// Upstream uses 30 chars, which is ~178 bits of entropy.
|
|
|
|
pub fn generate_api_key() -> String {
|
|
|
|
get_random_string_alphanum(30)
|
|
|
|
}
|
|
|
|
|
2019-02-11 23:45:55 +01:00
|
|
|
//
|
|
|
|
// Constant time compare
|
|
|
|
//
|
|
|
|
pub fn ct_eq<T: AsRef<[u8]>, U: AsRef<[u8]>>(a: T, b: U) -> bool {
|
|
|
|
use ring::constant_time::verify_slices_are_equal;
|
|
|
|
|
|
|
|
verify_slices_are_equal(a.as_ref(), b.as_ref()).is_ok()
|
|
|
|
}
|