replace secrets crate with secrecy

2021-08-25 00:19:17 -04:00 · 2021-08-25 00:19:17 -04:00 · bf0b6d1572
commit bf0b6d1572
parent ce2285d617
3 changed files with 26 additions and 17 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -1553,13 +1553,13 @@ dependencies = [
 ]

 [[package]]
-name = "secrets"
-version = "1.1.0"
+name = "secrecy"
+version = "0.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "58b9d59a8542189a7931c0f18811e59db46529efab6d566541625590e994b945"
+checksum = "9bd1c54ea06cfd2f6b63219704de0b9b4f72dcc2b8fdef820be6cd799780e91e"
 dependencies = [
- "libc",
- "pkg-config",
+ "serde",
+ "zeroize",
 ]

 [[package]]
@ -1840,7 +1840,7 @@ dependencies = [
 "reqwest",
 "rsa",
 "scraper",
- "secrets",
+ "secrecy",
 "serde",
 "serde_json",
 "standback",
@ -2441,9 +2441,9 @@ dependencies = [

 [[package]]
 name = "zeroize"
-version = "1.2.0"
+version = "1.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "81a974bcdd357f0dca4d41677db03436324d45a4c9ed2d0b873a5a360ce41c36"
+checksum = "377db0846015f7ae377174787dd452e1c5f5a9050bc6f954911d01f116daa0cd"
 dependencies = [
 "zeroize_derive",
 ]
--- a/steamguard/Cargo.toml
+++ b/steamguard/Cargo.toml
@ -24,4 +24,4 @@ log = "0.4.14"
 scraper = "0.12.0"
 maplit = "1.0.2"
 thiserror = "1.0.26"
-secrets = "1.1.0"
+secrecy = { version = "0.8", features = ["serde"] }
--- a/steamguard/src/token.rs
+++ b/steamguard/src/token.rs
@ -1,19 +1,20 @@
-use secrets::SecretBox;
+use secrecy::{ExposeSecret, Secret};
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
 use std::convert::TryInto;

-#[derive(Debug, Clone, PartialEq, Eq)]
-pub struct TwoFactorSecret(SecretBox<[u8; 20]>);
+#[derive(Debug, Clone)]
+pub struct TwoFactorSecret(Secret<[u8; 20]>);
+// pub struct TwoFactorSecret(Secret<Vec<u8>>);

 impl TwoFactorSecret {
 	pub fn new() -> Self {
-		return Self(SecretBox::from(&mut [0u8; 20]));
+		return Self([0u8; 20].into());
 	}

 	pub fn parse_shared_secret(secret: String) -> anyhow::Result<Self> {
 		ensure!(secret.len() != 0, "unable to parse empty shared secret");
-		let mut result: [u8; 20] = base64::decode(secret)?.try_into().unwrap();
-		return Ok(Self(SecretBox::from(&mut result)));
+		let result: [u8; 20] = base64::decode(secret)?.try_into().unwrap();
+		return Ok(Self(result.into()));
 	}

 	/// Generate a 5 character 2FA code to that can be used to log in to Steam.
@ -25,7 +26,7 @@ impl TwoFactorSecret {

 		// this effectively makes it so that it creates a new code every 30 seconds.
 		let time_bytes: [u8; 8] = build_time_bytes(time / 30i64);
-		let hashed_data = hmacsha1::hmac_sha1(&self.0.borrow().to_vec(), &time_bytes);
+		let hashed_data = hmacsha1::hmac_sha1(self.0.expose_secret(), &time_bytes);
 		let mut code_array: [u8; 5] = [0; 5];
 		let b = (hashed_data[19] & 0xF) as usize;
 		let mut code_point: i32 = ((hashed_data[b] & 0x7F) as i32) << 24
@ -48,7 +49,7 @@ impl Serialize for TwoFactorSecret {
 	where
 		S: Serializer,
 	{
-		serializer.serialize_str(base64::encode(&self.0.borrow().to_vec()).as_str())
+		serializer.serialize_str(base64::encode(&self.0.expose_secret()).as_str())
 	}
 }

@ -61,6 +62,14 @@ impl<'de> Deserialize<'de> for TwoFactorSecret {
 	}
 }

+impl PartialEq for TwoFactorSecret {
+	fn eq(&self, other: &Self) -> bool {
+		return self.0.expose_secret() == other.0.expose_secret();
+	}
+}
+
+impl Eq for TwoFactorSecret {}
+
 fn build_time_bytes(time: i64) -> [u8; 8] {
 	return time.to_be_bytes();
 }