From bf27520bd2fe0f7340e6ced8ee52dca1c095c057 Mon Sep 17 00:00:00 2001 From: Yeastplume Date: Mon, 24 Feb 2020 17:28:57 +0000 Subject: [PATCH] update and confirm new ring::aead version (#343) --- api/src/types.rs | 44 +++++++++++++++++------------ impls/src/lifecycle/seed.rs | 55 ++++++++++++++++++------------------- 2 files changed, 53 insertions(+), 46 deletions(-) diff --git a/api/src/types.rs b/api/src/types.rs index bf711c4f6..8245547e4 100644 --- a/api/src/types.rs +++ b/api/src/types.rs @@ -80,17 +80,22 @@ impl EncryptedBody { ))? .as_bytes() .to_vec(); - let sealing_key = aead::SealingKey::new(&aead::AES_256_GCM, &enc_key.0).context( - ErrorKind::APIEncryption("EncryptedBody Enc: Unable to create key".to_owned()), - )?; + let nonce: [u8; 12] = thread_rng().gen(); - let suffix_len = aead::AES_256_GCM.tag_len(); - for _ in 0..suffix_len { - to_encrypt.push(0); + + let unbound_key = aead::UnboundKey::new(&aead::AES_256_GCM, &enc_key.0).unwrap(); + let sealing_key: aead::LessSafeKey = aead::LessSafeKey::new(unbound_key); + let aad = aead::Aad::from(&[]); + let res = sealing_key.seal_in_place_append_tag( + aead::Nonce::assume_unique_for_key(nonce), + aad, + &mut to_encrypt, + ); + if let Err(_) = res { + return Err( + ErrorKind::APIEncryption("EncryptedBody: encryption failed".to_owned()).into(), + ); } - aead::seal_in_place(&sealing_key, &nonce, &[], &mut to_encrypt, suffix_len).context( - ErrorKind::APIEncryption("EncryptedBody: Encryption Failed".to_owned()), - )?; Ok(EncryptedBody { nonce: to_hex(nonce.to_vec()), 
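Review bot: `aead::UnboundKey::new(&aead::AES_256_GCM, &enc_key.0).unwrap()` turns a wrong-length key into a panic, whereas the removed `SealingKey::new(...).context(...)?` surfaced it as an `ErrorKind::APIEncryption`; keep the error path with `.map_err(|_| ErrorKind::APIEncryption("EncryptedBody Enc: Unable to create key".to_owned()))?`. The same `.unwrap()` plus `let res = ...; if let Err(_) = res { return Err(...) }` pair recurs in the decrypt hunk of this file and in both seed.rs hunks; each collapses to a single `.map_err(|_| ErrorKind::...)?` on the seal/open call. Because `LessSafeKey` moves nonce uniqueness onto the caller, the line drawing the nonce deserves a comment such as `// LessSafeKey: nonce uniqueness is our responsibility; a fresh random 96-bit nonce per message relies on few messages per key — TODO confirm key lifetime`, hedged because the lifetime of enc_key is not visible in this hunk. The enclosing function starts before the hunk.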
@@ -120,20 +125,25 @@ impl EncryptedBody { let mut to_decrypt = base64::decode(&self.body_enc).context(ErrorKind::APIEncryption( "EncryptedBody Dec: Encrypted request contains invalid Base64".to_string(), ))?; - let opening_key = aead::OpeningKey::new(&aead::AES_256_GCM, &dec_key.0).context( - ErrorKind::APIEncryption("EncryptedBody Dec: Unable to create key".to_owned()), - )?; let nonce = from_hex(self.nonce.clone()).context(ErrorKind::APIEncryption( "EncryptedBody Dec: Invalid Nonce".to_string(), ))?; - aead::open_in_place(&opening_key, &nonce, &[], 0, &mut to_decrypt).context( - ErrorKind::APIEncryption( - "EncryptedBody Dec: Decryption Failed (is key correct?)".to_string(), - ), - )?; + let mut n = [0u8; 12]; + n.copy_from_slice(&nonce[0..12]); + let unbound_key = aead::UnboundKey::new(&aead::AES_256_GCM, &dec_key.0).unwrap(); + let opening_key: aead::LessSafeKey = aead::LessSafeKey::new(unbound_key); + let aad = aead::Aad::from(&[]); + let res = + opening_key.open_in_place(aead::Nonce::assume_unique_for_key(n), aad, &mut to_decrypt); + if let Err(_) = res { + return Err( + ErrorKind::APIEncryption("EncryptedBody: decryption failed".to_owned()).into(), + ); + } for _ in 0..aead::AES_256_GCM.tag_len() { to_decrypt.pop(); } + let decrypted = String::from_utf8(to_decrypt).context(ErrorKind::APIEncryption( "EncryptedBody Dec: Invalid UTF-8".to_string(), ))?; diff --git a/impls/src/lifecycle/seed.rs b/impls/src/lifecycle/seed.rs index 65cb6200b..01001cc22 100644 --- a/impls/src/lifecycle/seed.rs +++ b/impls/src/lifecycle/seed.rs 
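Review bot: `n.copy_from_slice(&nonce[0..12])` panics when the hex-decoded nonce from the request is shorter than 12 bytes, and silently drops bytes when it is longer; since `self.nonce` arrives with the request, a length check should precede the slice: `if nonce.len() != 12 { return Err(ErrorKind::APIEncryption("EncryptedBody Dec: Invalid Nonce".to_string()).into()); }`. The tag-stripping loop can also go, because `open_in_place` returns the plaintext slice on success: `let plain_len = opening_key.open_in_place(aead::Nonce::assume_unique_for_key(n), aad, &mut to_decrypt).map_err(|_| ErrorKind::APIEncryption("EncryptedBody Dec: Decryption Failed (is key correct?)".to_string()))?.len(); to_decrypt.truncate(plain_len);`, which also restores the "is key correct?" hint the commit drops from the failure message. The enclosing function starts and ends outside the hunk.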
@@ -230,23 +230,6 @@ pub struct EncryptedWalletSeed { pub nonce: String, } -struct RandomNonce; - -impl aead::NonceSequence for RandomNonce { - fn advance(&mut self) -> Result { - let nonce: [u8; 12] = thread_rng().gen(); - Ok(aead::Nonce::assume_unique_for_key(nonce)) - } -} - -struct OpeningNonce([u8; 12]); - -impl aead::NonceSequence for OpeningNonce { - fn advance(&mut self) -> Result { - Ok(aead::Nonce::assume_unique_for_key(self.0)) - } -} - impl EncryptedWalletSeed { /// Create a new encrypted seed from the given seed + password pub fn from_seed( @@ -256,7 +239,7 @@ impl EncryptedWalletSeed { let salt: [u8; 8] = thread_rng().gen(); let nonce: [u8; 12] = thread_rng().gen(); let password = password.as_bytes(); - let mut key = [0; 64]; + let mut key = [0; 32]; pbkdf2::derive( ring::pbkdf2::PBKDF2_HMAC_SHA512, NonZeroU32::new(100).unwrap(), @@ -266,15 +249,21 @@ impl EncryptedWalletSeed { ); let content = seed.0.to_vec(); let mut enc_bytes = content; - let suffix_len = aead::CHACHA20_POLY1305.tag_len(); + /*let suffix_len = aead::CHACHA20_POLY1305.tag_len(); for _ in 0..suffix_len { enc_bytes.push(0); - } + }*/ let unbound_key = aead::UnboundKey::new(&aead::CHACHA20_POLY1305, &key).unwrap(); - let mut sealing_key: aead::SealingKey = - aead::BoundKey::new(unbound_key, RandomNonce); - let aad = aead::Aad::empty(); - sealing_key.seal_in_place_append_tag(aad, &mut enc_bytes); + let sealing_key: aead::LessSafeKey = aead::LessSafeKey::new(unbound_key); + let aad = aead::Aad::from(&[]); + let res = sealing_key.seal_in_place_append_tag( + aead::Nonce::assume_unique_for_key(nonce), + aad, + &mut enc_bytes, + ); + if let Err(_) = res { + return Err(ErrorKind::Encryption.into()); + } Ok(EncryptedWalletSeed { encrypted_seed: util::to_hex(enc_bytes.to_vec()), 
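Review bot: The block turned into `/*let suffix_len = aead::CHACHA20_POLY1305.tag_len(); ... }*/` in the third hunk of this file is dead code now that `seal_in_place_append_tag` grows the buffer itself; delete it rather than leave it commented out. The `[0; 64]` to `[0; 32]` change in the preceding hunk is what makes the `.unwrap()` on `UnboundKey::new(&aead::CHACHA20_POLY1305, &key)` safe, and that coupling deserves a comment on the key line, e.g. `// 32 bytes: CHACHA20_POLY1305 key length; UnboundKey::new rejects any other size`. The PBKDF2 iteration count `NonZeroU32::new(100)` visible in context is not touched by this commit, but it looks very low for protecting a wallet seed at rest and is worth a follow-up. The enclosing `from_seed` starts before the hunk.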
@@ -309,12 +298,20 @@ impl EncryptedWalletSeed { let mut n = [0u8; 12]; n.copy_from_slice(&nonce[0..12]); - let nonce = OpeningNonce(n); let unbound_key = aead::UnboundKey::new(&aead::CHACHA20_POLY1305, &key).unwrap(); - let mut opening_key: aead::OpeningKey = - aead::BoundKey::new(unbound_key, nonce); - let aad = aead::Aad::empty(); - opening_key.open_in_place(aad, &mut encrypted_seed); + let opening_key: aead::LessSafeKey = aead::LessSafeKey::new(unbound_key); + let aad = aead::Aad::from(&[]); + let res = opening_key.open_in_place( + aead::Nonce::assume_unique_for_key(n), + aad, + &mut encrypted_seed, + ); + if let Err(_) = res { + return Err(ErrorKind::Encryption.into()); + } + for _ in 0..aead::AES_256_GCM.tag_len() { + encrypted_seed.pop(); + } Ok(WalletSeed::from_bytes(&encrypted_seed)) }
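Review bot: The added loop `for _ in 0..aead::AES_256_GCM.tag_len() { encrypted_seed.pop(); }` names the wrong algorithm for a `CHACHA20_POLY1305` key; it only works because both tags happen to be 16 bytes. Use the plaintext slice `open_in_place` returns instead and drop the loop: `let plain = opening_key.open_in_place(aead::Nonce::assume_unique_for_key(n), aad, &mut encrypted_seed).map_err(|_| ErrorKind::Encryption)?;` followed by `Ok(WalletSeed::from_bytes(plain))`, assuming `from_bytes` takes a `&[u8]` as the existing `&encrypted_seed` call suggests. The pre-existing `&nonce[0..12]` slice in the context lines still panics on a short nonce read from the seed file, so a `nonce.len() != 12` check returning `ErrorKind::Encryption` would make a corrupted file an error rather than a crash. The enclosing function starts before the hunk.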