upgrade argon2, add aws-sdk-s3
This commit is contained in:
parent
e3b11ad1d8
commit
4b8b48b485
GPG key ID:
E9602264D639FF68
3 changed files with 724 additions and 67 deletions
768
Cargo.lock
generated
768
Cargo.lock
generated
File diff suppressed because it is too large
Load diff
|
|
@ -7,8 +7,10 @@ license = "AGPL-3.0"
|
|||
description = "Encrypted mail storage over Garage"
|
||||
|
||||
[dependencies]
|
||||
aws-config = { version = "1.1.1", features = ["behavior-version-latest"] }
|
||||
aws-sdk-s3 = "1.9.0"
|
||||
anyhow = "1.0.28"
|
||||
argon2 = "0.3"
|
||||
argon2 = "0.5"
|
||||
async-trait = "0.1"
|
||||
backtrace = "0.3"
|
||||
base64 = "0.21"
|
||||
|
|
@ -22,11 +24,7 @@ itertools = "0.10"
|
|||
lazy_static = "1.4"
|
||||
ldap3 = { version = "0.10", default-features = false, features = ["tls-rustls"] }
|
||||
log = "0.4"
|
||||
rusoto_core = { version = "0.48.0", default_features = false, features = ["rustls"] }
|
||||
rusoto_credential = "0.48.0"
|
||||
rusoto_s3 = { version = "0.48.0", default_features = false, features = ["rustls"] }
|
||||
hyper-rustls = { version = "0.24", features = ["http2"] }
|
||||
rusoto_signature = "0.48.0"
|
||||
nix = { version = "0.27", features = ["signal"] }
|
||||
serde = "1.0.137"
|
||||
rand = "0.8.5"
|
||||
|
|
|
|||
|
|
@ -210,21 +210,18 @@ fn try_open_encrypted_keys(kdf_salt: &[u8], password: &str, encrypted_keys: &[u8
|
|||
// ---- UTIL ----
|
||||
|
||||
pub fn argon2_kdf(salt: &[u8], password: &[u8], output_len: usize) -> Result<Vec<u8>> {
|
||||
use argon2::{Algorithm, Argon2, ParamsBuilder, PasswordHasher, Version};
|
||||
use argon2::{Algorithm, Argon2, ParamsBuilder, PasswordHasher, Version, password_hash};
|
||||
|
||||
let mut params = ParamsBuilder::new();
|
||||
params
|
||||
let params = ParamsBuilder::new()
|
||||
.output_len(output_len)
|
||||
.map_err(|e| anyhow!("Invalid output length: {}", e))?;
|
||||
|
||||
let params = params
|
||||
.params()
|
||||
.build()
|
||||
.map_err(|e| anyhow!("Invalid argon2 params: {}", e))?;
|
||||
let argon2 = Argon2::new(Algorithm::default(), Version::default(), params);
|
||||
|
||||
let salt = base64::engine::general_purpose::STANDARD_NO_PAD.encode(salt);
|
||||
let b64_salt = base64::engine::general_purpose::STANDARD_NO_PAD.encode(salt);
|
||||
let valid_salt = password_hash::Salt::from_b64(&b64_salt).map_err(|e| anyhow!("Invalid salt, error {}", e))?;
|
||||
let hash = argon2
|
||||
.hash_password(password, &salt)
|
||||
.hash_password(password, valid_salt)
|
||||
.map_err(|e| anyhow!("Unable to hash: {}", e))?;
|
||||
|
||||
let hash = hash.hash.ok_or(anyhow!("Missing output"))?;
|
||||
|
|
|
|||
Loading…
Reference in a new issue