Detailed changes
@@ -21,7 +21,7 @@ scram = ["base64", "getrandom", "sha-1", "sha2", "hmac", "pbkdf2"]
[dependencies]
base64 = { version = "0.12", optional = true }
getrandom = { version = "0.1", optional = true }
-sha-1 = { version = "0.8", optional = true }
-sha2 = { version = "0.8", optional = true }
-hmac = { version = "0.7", optional = true }
-pbkdf2 = { version = "0.3", default-features = false, optional = true }
+sha-1 = { version = "0.9", optional = true }
+sha2 = { version = "0.9", optional = true }
+hmac = { version = "0.8", optional = true }
+pbkdf2 = { version = "0.4", default-features = false, optional = true }
@@ -83,7 +83,7 @@ impl Secret {
pub fn password_pbkdf2<S: Into<String>>(
method: S,
salt: Vec<u8>,
- iterations: usize,
+ iterations: u32,
data: Vec<u8>,
) -> Secret {
Secret::Password(Password::Pbkdf2 {
@@ -104,7 +104,7 @@ pub enum Password {
Pbkdf2 {
method: String,
salt: Vec<u8>,
- iterations: usize,
+ iterations: u32,
data: Vec<u8>,
},
}
@@ -1,5 +1,5 @@
use getrandom::{getrandom, Error as RngError};
-use hmac::{crypto_mac::InvalidKeyLength, Hmac, Mac};
+use hmac::{crypto_mac::InvalidKeyLength, Hmac, Mac, NewMac};
use pbkdf2::pbkdf2;
use sha1::{Digest, Sha1 as Sha1_hash};
use sha2::Sha256 as Sha256_hash;
@@ -21,7 +21,7 @@ pub fn generate_nonce() -> Result<String, RngError> {
pub enum DeriveError {
IncompatibleHashingMethod(String, String),
IncorrectSalt,
- IncompatibleIterationCount(usize, usize),
+ IncompatibleIterationCount(u32, u32),
}
impl std::fmt::Display for DeriveError {
@@ -55,7 +55,7 @@ pub trait ScramProvider {
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength>;
/// A function which does PBKDF2 key derivation using the hash function.
- fn derive(data: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError>;
+ fn derive(data: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError>;
}
/// A `ScramProvider` which provides SCRAM-SHA-1 and SCRAM-SHA-1-PLUS
@@ -78,14 +78,14 @@ impl ScramProvider for Sha1 {
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
type HmacSha1 = Hmac<Sha1_hash>;
let mut mac = HmacSha1::new_varkey(key)?;
- mac.input(data);
- let result = mac.result();
+ mac.update(data);
+ let result = mac.finalize();
let mut vec = Vec::with_capacity(Sha1_hash::output_size());
- vec.extend_from_slice(result.code().as_slice());
+ vec.extend_from_slice(result.into_bytes().as_slice());
Ok(vec)
}
- fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError> {
+ fn derive(password: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError> {
match *password {
Password::Plain(ref plain) => {
let mut result = vec![0; 20];
@@ -138,14 +138,14 @@ impl ScramProvider for Sha256 {
fn hmac(data: &[u8], key: &[u8]) -> Result<Vec<u8>, InvalidKeyLength> {
type HmacSha256 = Hmac<Sha256_hash>;
let mut mac = HmacSha256::new_varkey(key)?;
- mac.input(data);
- let result = mac.result();
+ mac.update(data);
+ let result = mac.finalize();
let mut vec = Vec::with_capacity(Sha256_hash::output_size());
- vec.extend_from_slice(result.code().as_slice());
+ vec.extend_from_slice(result.into_bytes().as_slice());
Ok(vec)
}
- fn derive(password: &Password, salt: &[u8], iterations: usize) -> Result<Vec<u8>, DeriveError> {
+ fn derive(password: &Password, salt: &[u8], iterations: u32) -> Result<Vec<u8>, DeriveError> {
match *password {
Password::Plain(ref plain) => {
let mut result = vec![0; 32];
@@ -39,7 +39,7 @@
//! const USERNAME: &'static str = "user";
//! const PASSWORD: &'static str = "pencil";
//! const SALT: [u8; 8] = [35, 71, 92, 105, 212, 219, 114, 93];
-//! const ITERATIONS: usize = 4096;
+//! const ITERATIONS: u32 = 4096;
//!
//! struct MyValidator;
//!
@@ -5,7 +5,7 @@ pub trait Secret {}
pub trait Pbkdf2Secret {
fn salt(&self) -> &[u8];
- fn iterations(&self) -> usize;
+ fn iterations(&self) -> u32;
fn digest(&self) -> &[u8];
}
@@ -17,17 +17,13 @@ impl Secret for Plain {}
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct Pbkdf2Sha1 {
pub salt: Vec<u8>,
- pub iterations: usize,
+ pub iterations: u32,
pub digest: Vec<u8>,
}
impl Pbkdf2Sha1 {
#[cfg(feature = "scram")]
- pub fn derive(
- password: &str,
- salt: &[u8],
- iterations: usize,
- ) -> Result<Pbkdf2Sha1, DeriveError> {
+ pub fn derive(password: &str, salt: &[u8], iterations: u32) -> Result<Pbkdf2Sha1, DeriveError> {
use crate::common::scram::{ScramProvider, Sha1};
use crate::common::Password;
let digest = Sha1::derive(&Password::Plain(password.to_owned()), salt, iterations)?;
@@ -45,7 +41,7 @@ impl Pbkdf2Secret for Pbkdf2Sha1 {
fn salt(&self) -> &[u8] {
&self.salt
}
- fn iterations(&self) -> usize {
+ fn iterations(&self) -> u32 {
self.iterations
}
fn digest(&self) -> &[u8] {
@@ -56,7 +52,7 @@ impl Pbkdf2Secret for Pbkdf2Sha1 {
#[derive(Clone, Debug, PartialEq, Eq)]
pub struct Pbkdf2Sha256 {
pub salt: Vec<u8>,
- pub iterations: usize,
+ pub iterations: u32,
pub digest: Vec<u8>,
}
@@ -65,7 +61,7 @@ impl Pbkdf2Sha256 {
pub fn derive(
password: &str,
salt: &[u8],
- iterations: usize,
+ iterations: u32,
) -> Result<Pbkdf2Sha256, DeriveError> {
use crate::common::scram::{ScramProvider, Sha256};
use crate::common::Password;
@@ -84,7 +80,7 @@ impl Pbkdf2Secret for Pbkdf2Sha256 {
fn salt(&self) -> &[u8] {
&self.salt
}
- fn iterations(&self) -> usize {
+ fn iterations(&self) -> u32 {
self.iterations
}
fn digest(&self) -> &[u8] {