dan/Portfolio
1
0
Fork 0
mirror of https://github.com/danbulant/Portfolio synced 2026-06-24 17:11:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: use more secure AES implementation

Browse source
This commit is contained in:
EETagent 2022-10-30 01:28:57 +02:00
parent 764f762bc5
commit 33ee9a50a2
2 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
core/Cargo.toml
View file

@ -26,7 +26,7 @@ infer = "^0.9"
# crypto # crypto
rand = "^0.8" rand = "^0.8"
aes-gcm = { version = "^0.10", features = ["std"] } aes-gcm-siv = { version = "^0.11", features = ["std"] }
argon2 = { version = "^0.4", features = ["std"] } argon2 = { version = "^0.4", features = ["std"] }
age = { version = "^0.9", features = ["async"] } age = { version = "^0.9", features = ["async"] }
secrecy = { version = "^0.8" } secrecy = { version = "^0.8" }

12
core/src/crypto.rs
View file

@ -1,5 +1,5 @@
use aes_gcm::aead::Aead; use aes_gcm_siv::aead::Aead;
use aes_gcm::KeyInit; use aes_gcm_siv::KeyInit;
use argon2::{ use argon2::{
Argon2, PasswordHasher as ArgonPasswordHasher, PasswordVerifier as ArgonPasswordVerifier, Argon2, PasswordHasher as ArgonPasswordHasher, PasswordVerifier as ArgonPasswordVerifier,
}; };
@ -95,9 +95,9 @@ pub async fn encrypt_password(
let hash = tokio::task::spawn_blocking(move || { let hash = tokio::task::spawn_blocking(move || {
let aes_key_nonce = convert_key_aes256(&key); let aes_key_nonce = convert_key_aes256(&key);
let nonce = aes_gcm::Nonce::from_slice(&aes_key_nonce[..12]); let nonce = aes_gcm_siv::Nonce::from_slice(&aes_key_nonce[..12]);
let cipher = aes_gcm::Aes256Gcm::new_from_slice(&aes_key_nonce[..32]).unwrap(); let cipher = aes_gcm_siv::Aes256GcmSiv::new_from_slice(&aes_key_nonce[..32]).unwrap();
let res = cipher.encrypt(nonce, password_plain_text.as_bytes()); let res = cipher.encrypt(nonce, password_plain_text.as_bytes());
res res
@ -115,8 +115,8 @@ pub async fn decrypt_password(
let plain = tokio::task::spawn_blocking(move || { let plain = tokio::task::spawn_blocking(move || {
let aes_key_nonce = convert_key_aes256(&key); let aes_key_nonce = convert_key_aes256(&key);
let nonce = aes_gcm::Nonce::from_slice(&aes_key_nonce[..12]); let nonce = aes_gcm_siv::Nonce::from_slice(&aes_key_nonce[..12]);
let cipher = aes_gcm::Aes256Gcm::new_from_slice(&aes_key_nonce[..32]).unwrap(); let cipher = aes_gcm_siv::Aes256GcmSiv::new_from_slice(&aes_key_nonce[..32]).unwrap();
let res = cipher.decrypt(nonce, &*input); let res = cipher.decrypt(nonce, &*input);