in-memory storage #32

Merged
quentin merged 65 commits from in-memory into main 2023-12-27 16:35:43 +00:00
3 changed files with 724 additions and 67 deletions
Showing only changes of commit 4b8b48b485 - Show all commits

768
Cargo.lock generated

File diff suppressed because it is too large Load diff

View file

@ -7,8 +7,10 @@ license = "AGPL-3.0"
description = "Encrypted mail storage over Garage"
[dependencies]
aws-config = { version = "1.1.1", features = ["behavior-version-latest"] }
aws-sdk-s3 = "1.9.0"
anyhow = "1.0.28"
argon2 = "0.3"
argon2 = "0.5"
async-trait = "0.1"
backtrace = "0.3"
base64 = "0.21"
@ -22,11 +24,7 @@ itertools = "0.10"
lazy_static = "1.4"
ldap3 = { version = "0.10", default-features = false, features = ["tls-rustls"] }
log = "0.4"
rusoto_core = { version = "0.48.0", default_features = false, features = ["rustls"] }
rusoto_credential = "0.48.0"
rusoto_s3 = { version = "0.48.0", default_features = false, features = ["rustls"] }
hyper-rustls = { version = "0.24", features = ["http2"] }
rusoto_signature = "0.48.0"
nix = { version = "0.27", features = ["signal"] }
serde = "1.0.137"
rand = "0.8.5"

View file

@ -210,21 +210,18 @@ fn try_open_encrypted_keys(kdf_salt: &[u8], password: &str, encrypted_keys: &[u8
// ---- UTIL ----
pub fn argon2_kdf(salt: &[u8], password: &[u8], output_len: usize) -> Result<Vec<u8>> {
use argon2::{Algorithm, Argon2, ParamsBuilder, PasswordHasher, Version};
use argon2::{Algorithm, Argon2, ParamsBuilder, PasswordHasher, Version, password_hash};
let mut params = ParamsBuilder::new();
params
let params = ParamsBuilder::new()
.output_len(output_len)
.map_err(|e| anyhow!("Invalid output length: {}", e))?;
let params = params
.params()
.build()
.map_err(|e| anyhow!("Invalid argon2 params: {}", e))?;
let argon2 = Argon2::new(Algorithm::default(), Version::default(), params);
let salt = base64::engine::general_purpose::STANDARD_NO_PAD.encode(salt);
let b64_salt = base64::engine::general_purpose::STANDARD_NO_PAD.encode(salt);
let valid_salt = password_hash::Salt::from_b64(&b64_salt).map_err(|e| anyhow!("Invalid salt, error {}", e))?;
let hash = argon2
.hash_password(password, &salt)
.hash_password(password, valid_salt)
.map_err(|e| anyhow!("Unable to hash: {}", e))?;
let hash = hash.hash.ok_or(anyhow!("Missing output"))?;