replace secrets crate with secrecy

This commit is contained in:
Carson McManus 2021-08-25 00:19:17 -04:00
parent ce2285d617
commit bf0b6d1572
3 changed files with 26 additions and 17 deletions

16
Cargo.lock generated
View file

@ -1553,13 +1553,13 @@ dependencies = [
]
[[package]]
name = "secrets"
version = "1.1.0"
name = "secrecy"
version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "58b9d59a8542189a7931c0f18811e59db46529efab6d566541625590e994b945"
checksum = "9bd1c54ea06cfd2f6b63219704de0b9b4f72dcc2b8fdef820be6cd799780e91e"
dependencies = [
"libc",
"pkg-config",
"serde",
"zeroize",
]
[[package]]
@ -1840,7 +1840,7 @@ dependencies = [
"reqwest",
"rsa",
"scraper",
"secrets",
"secrecy",
"serde",
"serde_json",
"standback",
@ -2441,9 +2441,9 @@ dependencies = [
[[package]]
name = "zeroize"
version = "1.2.0"
version = "1.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "81a974bcdd357f0dca4d41677db03436324d45a4c9ed2d0b873a5a360ce41c36"
checksum = "377db0846015f7ae377174787dd452e1c5f5a9050bc6f954911d01f116daa0cd"
dependencies = [
"zeroize_derive",
]

View file

@ -24,4 +24,4 @@ log = "0.4.14"
scraper = "0.12.0"
maplit = "1.0.2"
thiserror = "1.0.26"
secrets = "1.1.0"
secrecy = { version = "0.8", features = ["serde"] }

View file

@ -1,19 +1,20 @@
use secrets::SecretBox;
use secrecy::{ExposeSecret, Secret};
use serde::{Deserialize, Deserializer, Serialize, Serializer};
use std::convert::TryInto;
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct TwoFactorSecret(SecretBox<[u8; 20]>);
#[derive(Debug, Clone)]
pub struct TwoFactorSecret(Secret<[u8; 20]>);
// pub struct TwoFactorSecret(Secret<Vec<u8>>);
impl TwoFactorSecret {
pub fn new() -> Self {
return Self(SecretBox::from(&mut [0u8; 20]));
return Self([0u8; 20].into());
}
pub fn parse_shared_secret(secret: String) -> anyhow::Result<Self> {
ensure!(secret.len() != 0, "unable to parse empty shared secret");
let mut result: [u8; 20] = base64::decode(secret)?.try_into().unwrap();
return Ok(Self(SecretBox::from(&mut result)));
let result: [u8; 20] = base64::decode(secret)?.try_into().unwrap();
return Ok(Self(result.into()));
}
/// Generate a 5 character 2FA code to that can be used to log in to Steam.
@ -25,7 +26,7 @@ impl TwoFactorSecret {
// this effectively makes it so that it creates a new code every 30 seconds.
let time_bytes: [u8; 8] = build_time_bytes(time / 30i64);
let hashed_data = hmacsha1::hmac_sha1(&self.0.borrow().to_vec(), &time_bytes);
let hashed_data = hmacsha1::hmac_sha1(self.0.expose_secret(), &time_bytes);
let mut code_array: [u8; 5] = [0; 5];
let b = (hashed_data[19] & 0xF) as usize;
let mut code_point: i32 = ((hashed_data[b] & 0x7F) as i32) << 24
@ -48,7 +49,7 @@ impl Serialize for TwoFactorSecret {
where
S: Serializer,
{
serializer.serialize_str(base64::encode(&self.0.borrow().to_vec()).as_str())
serializer.serialize_str(base64::encode(&self.0.expose_secret()).as_str())
}
}
@ -61,6 +62,14 @@ impl<'de> Deserialize<'de> for TwoFactorSecret {
}
}
impl PartialEq for TwoFactorSecret {
fn eq(&self, other: &Self) -> bool {
return self.0.expose_secret() == other.0.expose_secret();
}
}
impl Eq for TwoFactorSecret {}
fn build_time_bytes(time: i64) -> [u8; 8] {
return time.to_be_bytes();
}