Update parity-crypto to ring v0.14 (#99)
parent
de3329a160
commit
810053329e
|
@ -1,6 +1,6 @@
|
||||||
[package]
|
[package]
|
||||||
name = "parity-crypto"
|
name = "parity-crypto"
|
||||||
version = "0.2.0"
|
version = "0.3.0"
|
||||||
authors = ["Parity Technologies <admin@parity.io>"]
|
authors = ["Parity Technologies <admin@parity.io>"]
|
||||||
repository = "https://github.com/paritytech/parity-common"
|
repository = "https://github.com/paritytech/parity-common"
|
||||||
description = "Crypto utils used by ethstore and network."
|
description = "Crypto utils used by ethstore and network."
|
||||||
|
@ -8,6 +8,6 @@ license = "GPL-3.0"
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
quick-error = "1.2.2"
|
quick-error = "1.2.2"
|
||||||
ring = "0.13"
|
ring = "0.14.3"
|
||||||
rust-crypto = "0.2.36"
|
rust-crypto = "0.2.36"
|
||||||
tiny-keccak = "1.4"
|
tiny-keccak = "1.4"
|
||||||
|
|
|
@ -73,7 +73,9 @@ impl<'a> Encryptor<'a> {
|
||||||
Mode::Aes256Gcm => ring::aead::AES_256_GCM.tag_len(),
|
Mode::Aes256Gcm => ring::aead::AES_256_GCM.tag_len(),
|
||||||
};
|
};
|
||||||
data.extend(::std::iter::repeat(0).take(tag_len));
|
data.extend(::std::iter::repeat(0).take(tag_len));
|
||||||
let len = ring::aead::seal_in_place(&self.key, nonce, self.ad, &mut data[self.offset ..], tag_len)?;
|
let nonce = ring::aead::Nonce::assume_unique_for_key(*nonce);
|
||||||
|
let aad = ring::aead::Aad::from(self.ad);
|
||||||
|
let len = ring::aead::seal_in_place(&self.key, nonce, aad, &mut data[self.offset ..], tag_len)?;
|
||||||
data.truncate(self.offset + len);
|
data.truncate(self.offset + len);
|
||||||
Ok(data)
|
Ok(data)
|
||||||
}
|
}
|
||||||
|
@ -121,7 +123,9 @@ impl<'a> Decryptor<'a> {
|
||||||
if self.offset > data.len() {
|
if self.offset > data.len() {
|
||||||
return Err(SymmError::offset_error(self.offset))
|
return Err(SymmError::offset_error(self.offset))
|
||||||
}
|
}
|
||||||
let len = ring::aead::open_in_place(&self.key, nonce, self.ad, 0, &mut data[self.offset ..])?.len();
|
let nonce = ring::aead::Nonce::assume_unique_for_key(*nonce);
|
||||||
|
let aad = ring::aead::Aad::from(self.ad);
|
||||||
|
let len = ring::aead::open_in_place(&self.key, nonce, aad, 0, &mut data[self.offset ..])?.len();
|
||||||
data.truncate(self.offset + len);
|
data.truncate(self.offset + len);
|
||||||
Ok(data)
|
Ok(data)
|
||||||
}
|
}
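Review bot: `Nonce::assume_unique_for_key(*nonce)` in the Encryptor hunk takes the caller's nonce on trust, and nothing visible in the hunk tells callers that uniqueness is their obligation. AES-GCM loses both confidentiality and integrity when a nonce repeats under one key, so the encrypting method should carry a doc comment such as `/// The caller must never reuse the nonce with the same key; uniqueness is assumed, not checked.` The Decryptor hunk uses the same constructor, but there the nonce comes from the sender, so the comment belongs on the sealing side. Both method bodies start outside their hunks, so an existing comment above them may already cover this.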
|
||||||
|
|
|
@ -55,7 +55,7 @@ impl<T> Keccak256<[u8; 32]> for T where T: AsRef<[u8]> {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn derive_key_iterations(password: &[u8], salt: &[u8], c: u32) -> (Vec<u8>, Vec<u8>) {
|
pub fn derive_key_iterations(password: &[u8], salt: &[u8], c: std::num::NonZeroU32) -> (Vec<u8>, Vec<u8>) {
|
||||||
let mut derived_key = [0u8; KEY_LENGTH];
|
let mut derived_key = [0u8; KEY_LENGTH];
|
||||||
pbkdf2::sha256(c, pbkdf2::Salt(salt), pbkdf2::Secret(password), &mut derived_key);
|
pbkdf2::sha256(c, pbkdf2::Salt(salt), pbkdf2::Secret(password), &mut derived_key);
|
||||||
let derived_right_bits = &derived_key[0..KEY_LENGTH_AES];
|
let derived_right_bits = &derived_key[0..KEY_LENGTH_AES];
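Review bot: `derive_key_iterations` now takes `c: std::num::NonZeroU32`, which moves the zero check to every caller, and the hunk adds no doc comment saying so. Callers that read the iteration count from a key file or other external input should convert with `NonZeroU32::new(c)` and return an error on `None` rather than unwrapping, otherwise a zero count in that input presumably becomes a panic at the call site. The type rules out zero only, so a count of 1 still passes and any minimum work factor has to be enforced separately; a line such as `/// c is the PBKDF2 iteration count; it is non-zero by type, but no minimum is enforced here.` would record that. The same applies to `sha256` and `sha512` in the pbkdf2 section below. The function body continues past the end of this hunk.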
|
||||||
|
|
|
@ -14,15 +14,17 @@
|
||||||
// You should have received a copy of the GNU General Public License
|
// You should have received a copy of the GNU General Public License
|
||||||
// along with Parity. If not, see <http://www.gnu.org/licenses/>.
|
// along with Parity. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
|
use std::num::NonZeroU32;
|
||||||
|
|
||||||
use ring;
|
use ring;
|
||||||
|
|
||||||
pub struct Salt<'a>(pub &'a [u8]);
|
pub struct Salt<'a>(pub &'a [u8]);
|
||||||
pub struct Secret<'a>(pub &'a [u8]);
|
pub struct Secret<'a>(pub &'a [u8]);
|
||||||
|
|
||||||
pub fn sha256(iter: u32, salt: Salt, sec: Secret, out: &mut [u8; 32]) {
|
pub fn sha256(iter: NonZeroU32, salt: Salt, sec: Secret, out: &mut [u8; 32]) {
|
||||||
ring::pbkdf2::derive(&ring::digest::SHA256, iter, salt.0, sec.0, &mut out[..])
|
ring::pbkdf2::derive(&ring::digest::SHA256, iter, salt.0, sec.0, &mut out[..])
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn sha512(iter: u32, salt: Salt, sec: Secret, out: &mut [u8; 64]) {
|
pub fn sha512(iter: NonZeroU32, salt: Salt, sec: Secret, out: &mut [u8; 64]) {
|
||||||
ring::pbkdf2::derive(&ring::digest::SHA512, iter, salt.0, sec.0, &mut out[..])
|
ring::pbkdf2::derive(&ring::digest::SHA512, iter, salt.0, sec.0, &mut out[..])
|
||||||
}
|
}
|
||||||
|
|