From bf0b6d15726fbdd03c50b4dc880d524d8e39f0a4 Mon Sep 17 00:00:00 2001
From: Carson McManus
Date: Wed, 25 Aug 2021 00:19:17 -0400
Subject: [PATCH] replace `secrets` crate with `secrecy`
---
 Cargo.lock | 16 ++++++++--------
 steamguard/Cargo.toml | 2 +-
 steamguard/src/token.rs | 25 +++++++++++++++++--------
 3 files changed, 26 insertions(+), 17 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index ad3ad67..24f231d 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1553,13 +1553,13 @@ dependencies = [
 ]
 [[package]]
-name = "secrets"
-version = "1.1.0"
+name = "secrecy"
+version = "0.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "58b9d59a8542189a7931c0f18811e59db46529efab6d566541625590e994b945"
+checksum = "9bd1c54ea06cfd2f6b63219704de0b9b4f72dcc2b8fdef820be6cd799780e91e"
 dependencies = [
- "libc",
- "pkg-config",
+ "serde",
+ "zeroize",
 ]
 [[package]]
@@ -1840,7 +1840,7 @@ dependencies = [
 "reqwest",
 "rsa",
 "scraper",
- "secrets",
+ "secrecy",
 "serde",
 "serde_json",
 "standback",
@@ -2441,9 +2441,9 @@ dependencies = [
 [[package]]
 name = "zeroize"
-version = "1.2.0"
+version = "1.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "81a974bcdd357f0dca4d41677db03436324d45a4c9ed2d0b873a5a360ce41c36"
+checksum = "377db0846015f7ae377174787dd452e1c5f5a9050bc6f954911d01f116daa0cd"
 dependencies = [
 "zeroize_derive",
 ]
diff --git a/steamguard/Cargo.toml b/steamguard/Cargo.toml
index f66da0e..4392228 100644
--- a/steamguard/Cargo.toml
+++ b/steamguard/Cargo.toml
@@ -24,4 +24,4 @@ log = "0.4.14"
 scraper = "0.12.0"
 maplit = "1.0.2"
 thiserror = "1.0.26"
-secrets = "1.1.0"
+secrecy = { version = "0.8", features = ["serde"] }
diff --git a/steamguard/src/token.rs b/steamguard/src/token.rs
index a9d6a49..30cd319 100644
--- a/steamguard/src/token.rs
+++ b/steamguard/src/token.rs
@@ -1,19 +1,20 @@
-use secrets::SecretBox;
+use secrecy::{ExposeSecret, Secret};
 use serde::{Deserialize, Deserializer, Serialize, Serializer};
 use std::convert::TryInto;
-#[derive(Debug, Clone, PartialEq, Eq)]
-pub struct TwoFactorSecret(SecretBox<[u8; 20]>);
+#[derive(Debug, Clone)]
+pub struct TwoFactorSecret(Secret<[u8; 20]>);
+// pub struct TwoFactorSecret(Secret>);
 impl TwoFactorSecret {
 pub fn new() -> Self {
- return Self(SecretBox::from(&mut [0u8; 20]));
+ return Self([0u8; 20].into());
 }
 pub fn parse_shared_secret(secret: String) -> anyhow::Result {
 ensure!(secret.len() != 0, "unable to parse empty shared secret");
- let mut result: [u8; 20] = base64::decode(secret)?.try_into().unwrap();
- return Ok(Self(SecretBox::from(&mut result)));
+ let result: [u8; 20] = base64::decode(secret)?.try_into().unwrap();
+ return Ok(Self(result.into()));
 }
 /// Generate a 5 character 2FA code to that can be used to log in to Steam.
@@ -25,7 +26,7 @@ impl TwoFactorSecret {
 // this effectively makes it so that it creates a new code every 30 seconds.
 let time_bytes: [u8; 8] = build_time_bytes(time / 30i64);
- let hashed_data = hmacsha1::hmac_sha1(&self.0.borrow().to_vec(), &time_bytes);
+ let hashed_data = hmacsha1::hmac_sha1(self.0.expose_secret(), &time_bytes);
 let mut code_array: [u8; 5] = [0; 5];
 let b = (hashed_data[19] & 0xF) as usize;
 let mut code_point: i32 = ((hashed_data[b] & 0x7F) as i32) << 24
@@ -48,7 +49,7 @@ impl Serialize for TwoFactorSecret {
 where
 S: Serializer,
 {
- serializer.serialize_str(base64::encode(&self.0.borrow().to_vec()).as_str())
+ serializer.serialize_str(base64::encode(&self.0.expose_secret()).as_str())
 }
 }
@@ -61,6 +62,14 @@ impl<'de> Deserialize<'de> for TwoFactorSecret {
 }
 }
+impl PartialEq for TwoFactorSecret {
+ fn eq(&self, other: &Self) -> bool {
+ return self.0.expose_secret() == other.0.expose_secret();
+ }
+}
+
+impl Eq for TwoFactorSecret {}
+
 fn build_time_bytes(time: i64) -> [u8; 8] {
 return time.to_be_bytes();
 }
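Review bot: In `parse_shared_secret` (the `@@ -1,19 +1,20 @@` hunk of token.rs) the rewritten line still ends in `.try_into().unwrap()`, so a shared secret that decodes to anything other than 20 bytes panics instead of returning the `anyhow` error the signature promises. The `Err` value of that conversion is the decoded `Vec<u8>`, so the panic message would print the decoded secret bytes. Drop the payload and return an error instead, e.g. `.try_into().map_err(|_| anyhow::anyhow!("shared secret must decode to exactly 20 bytes"))?`. Only the copy moved into `Secret` is covered by the wrapper; the input `String`, the decoded `Vec<u8>` and the local `result` array are ordinary buffers, which is worth stating in a comment on this function. The commented-out `// pub struct TwoFactorSecret(...)` line in the same hunk looks like a leftover and can be removed.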
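Review bot: The hand-written `PartialEq` in the `@@ -61,6 +62,14 @@` hunk compares the exposed arrays with `==`, which is not guaranteed to run in constant time. It also re-adds an equality that `Secret` itself evidently does not provide, since the derive had to be removed in the first hunk. If equality is only needed by tests (not visible in this patch), gate both impls with `#[cfg(test)]`. Otherwise use a constant-time comparison such as `subtle::ConstantTimeEq`, which would be a new dependency. Either way, add a short doc comment on the impl saying why the secret is exposed here and who is expected to call it.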