diff options
| author | Quentin Dufour <quentin@deuxfleurs.fr> | 2023-12-13 18:04:04 +0100 |
|---|---|---|
| committer | Quentin Dufour <quentin@deuxfleurs.fr> | 2023-12-13 18:04:04 +0100 |
| commit | 29561dde41b402362f8baa3d9cd87a07f743b9fd (patch) | |
| tree | 3d2698eb2c3547d923bf6468e65614eb7fc73dcf /src/login | |
| parent | 064a1077c8c66fe8d3ee71f831c930e1ddfbc34a (diff) | |
| download | aerogramme-29561dde41b402362f8baa3d9cd87a07f743b9fd.tar.gz aerogramme-29561dde41b402362f8baa3d9cd87a07f743b9fd.zip | |
CLI tools
Diffstat (limited to 'src/login')
| -rw-r--r-- | src/login/mod.rs | 12 | ||||
| -rw-r--r-- | src/login/static_provider.rs | 4 |
2 files changed, 7 insertions, 9 deletions
diff --git a/src/login/mod.rs b/src/login/mod.rs index 3d7a49f..9e0c437 100644 --- a/src/login/mod.rs +++ b/src/login/mod.rs @@ -109,16 +109,13 @@ impl CryptoRoot { match self.0.splitn(4, ':').collect::<Vec<&str>>()[..] { [ "aero", "cryptoroot", "pass", b64blob ] => { let blob = base64::engine::general_purpose::STANDARD_NO_PAD.decode(b64blob)?; - if blob.len() < 32 { - bail!("Decoded data is {} bytes long, expect at least 32 bytes", blob.len()); - } - CryptoKeys::password_open(password, &blob[32..]) + CryptoKeys::password_open(password, &blob) }, [ "aero", "cryptoroot", "cleartext", b64blob ] => { let blob = base64::engine::general_purpose::STANDARD_NO_PAD.decode(b64blob)?; CryptoKeys::deserialize(&blob) }, - [ "aero", "cryptoroot", "incoming", b64blob ] => { + [ "aero", "cryptoroot", "incoming", _ ] => { bail!("incoming cryptoroot does not contain a crypto key!") }, [ "aero", "cryptoroot", "keyring", _ ] =>{ @@ -184,8 +181,9 @@ impl CryptoKeys { // Password sealed keys serialize/deserialize pub fn password_open(password: &str, blob: &[u8]) -> Result<Self> { - let kdf_salt = &blob[0..32]; - let password_openned = try_open_encrypted_keys(kdf_salt, password, &blob[32..])?; + let _pubkey = &blob[0..32]; + let kdf_salt = &blob[32..64]; + let password_openned = try_open_encrypted_keys(kdf_salt, password, &blob[64..])?; let keys = Self::deserialize(&password_openned)?; Ok(keys) diff --git a/src/login/static_provider.rs b/src/login/static_provider.rs index 178d97e..85d55ef 100644 --- a/src/login/static_provider.rs +++ b/src/login/static_provider.rs @@ -81,7 +81,7 @@ impl LoginProvider for StaticLoginProvider { }), }; - let cr = CryptoRoot(user.crypto_root); + let cr = CryptoRoot(user.crypto_root.clone()); let keys = cr.crypto_keys(password)?; tracing::debug!(user=%username, "logged"); @@ -106,7 +106,7 @@ impl LoginProvider for StaticLoginProvider { }), }; - let cr = CryptoRoot(user.crypto_root); + let cr = CryptoRoot(user.crypto_root.clone()); let public_key = cr.public_key()?; Ok(PublicCredentials { |