replace crates hmac-sha1 and hmac-sha256 with equivalent crates from RustCrypto (#288)
This commit is contained in:
parent
9c6d10dc1f
commit
d1ff150cbf
7 changed files with 27 additions and 41 deletions
27
Cargo.lock
generated
27
Cargo.lock
generated
|
@ -1156,21 +1156,6 @@ dependencies = [
|
||||||
"digest",
|
"digest",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "hmac-sha1"
|
|
||||||
version = "0.1.3"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "e1333fad8d94b82cab989da428b0b36a3435db3870d85e971a1d6dc0a8576722"
|
|
||||||
dependencies = [
|
|
||||||
"sha1 0.2.0",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "hmac-sha256"
|
|
||||||
version = "1.1.7"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "3688e69b38018fec1557254f64c8dc2cc8ec502890182f395dbb0aa997aa5735"
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "html5ever"
|
name = "html5ever"
|
||||||
version = "0.25.2"
|
version = "0.25.2"
|
||||||
|
@ -2812,12 +2797,6 @@ dependencies = [
|
||||||
"stable_deref_trait",
|
"stable_deref_trait",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "sha1"
|
|
||||||
version = "0.2.0"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "cc30b1e1e8c40c121ca33b86c23308a090d19974ef001b4bf6e61fd1a0fb095c"
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "sha1"
|
name = "sha1"
|
||||||
version = "0.6.1"
|
version = "0.6.1"
|
||||||
|
@ -3032,8 +3011,7 @@ dependencies = [
|
||||||
"anyhow",
|
"anyhow",
|
||||||
"base64 0.13.1",
|
"base64 0.13.1",
|
||||||
"cookie 0.14.4",
|
"cookie 0.14.4",
|
||||||
"hmac-sha1",
|
"hmac",
|
||||||
"hmac-sha256",
|
|
||||||
"lazy_static 1.4.0",
|
"lazy_static 1.4.0",
|
||||||
"log",
|
"log",
|
||||||
"maplit",
|
"maplit",
|
||||||
|
@ -3050,6 +3028,8 @@ dependencies = [
|
||||||
"serde",
|
"serde",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"serde_path_to_error",
|
"serde_path_to_error",
|
||||||
|
"sha1 0.10.5",
|
||||||
|
"sha2",
|
||||||
"standback",
|
"standback",
|
||||||
"thiserror",
|
"thiserror",
|
||||||
"uuid",
|
"uuid",
|
||||||
|
@ -3071,7 +3051,6 @@ dependencies = [
|
||||||
"crossterm",
|
"crossterm",
|
||||||
"dirs",
|
"dirs",
|
||||||
"gethostname",
|
"gethostname",
|
||||||
"hmac-sha1",
|
|
||||||
"inout",
|
"inout",
|
||||||
"keyring",
|
"keyring",
|
||||||
"lazy_static 1.4.0",
|
"lazy_static 1.4.0",
|
||||||
|
|
|
@ -31,7 +31,6 @@ path = "src/main.rs"
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
anyhow = "^1.0"
|
anyhow = "^1.0"
|
||||||
hmac-sha1 = "^0.1"
|
|
||||||
base64 = "0.13.0"
|
base64 = "0.13.0"
|
||||||
text_io = "0.1.8"
|
text_io = "0.1.8"
|
||||||
rpassword = "5.0"
|
rpassword = "5.0"
|
||||||
|
|
|
@ -12,7 +12,7 @@ license = "MIT OR Apache-2.0"
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
anyhow = "^1.0"
|
anyhow = "^1.0"
|
||||||
hmac-sha1 = "^0.1"
|
sha1 = "^0.10"
|
||||||
base64 = "0.13.0"
|
base64 = "0.13.0"
|
||||||
reqwest = { version = "0.11", default-features = false, features = ["blocking", "json", "cookies", "gzip", "rustls-tls", "multipart"] }
|
reqwest = { version = "0.11", default-features = false, features = ["blocking", "json", "cookies", "gzip", "rustls-tls", "multipart"] }
|
||||||
serde = { version = "1.0", features = ["derive"] }
|
serde = { version = "1.0", features = ["derive"] }
|
||||||
|
@ -32,9 +32,10 @@ secrecy = { version = "0.8", features = ["serde"] }
|
||||||
zeroize = { version = "^1.6.0", features = ["std", "zeroize_derive"] }
|
zeroize = { version = "^1.6.0", features = ["std", "zeroize_derive"] }
|
||||||
protobuf = "3.2.0"
|
protobuf = "3.2.0"
|
||||||
protobuf-json-mapping = "3.2.0"
|
protobuf-json-mapping = "3.2.0"
|
||||||
hmac-sha256 = "1.1.7"
|
|
||||||
phonenumber = "0.3"
|
phonenumber = "0.3"
|
||||||
serde_path_to_error = "0.1.11"
|
serde_path_to_error = "0.1.11"
|
||||||
|
hmac = "^0.12"
|
||||||
|
sha2 = "^0.10"
|
||||||
|
|
||||||
[build-dependencies]
|
[build-dependencies]
|
||||||
anyhow = "^1.0"
|
anyhow = "^1.0"
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
use std::borrow::Cow;
|
use std::borrow::Cow;
|
||||||
|
|
||||||
use hmacsha1::hmac_sha1;
|
use hmac::{Hmac, Mac};
|
||||||
use log::*;
|
use log::*;
|
||||||
use reqwest::{
|
use reqwest::{
|
||||||
cookie::CookieStore,
|
cookie::CookieStore,
|
||||||
|
@ -9,6 +9,7 @@ use reqwest::{
|
||||||
};
|
};
|
||||||
use secrecy::ExposeSecret;
|
use secrecy::ExposeSecret;
|
||||||
use serde::Deserialize;
|
use serde::Deserialize;
|
||||||
|
use sha1::Sha1;
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
steamapi::{self},
|
steamapi::{self},
|
||||||
|
@ -403,10 +404,11 @@ fn generate_confirmation_hash_for_time(
|
||||||
identity_secret: impl AsRef<[u8]>,
|
identity_secret: impl AsRef<[u8]>,
|
||||||
) -> String {
|
) -> String {
|
||||||
let decode: &[u8] = &base64::decode(identity_secret).unwrap();
|
let decode: &[u8] = &base64::decode(identity_secret).unwrap();
|
||||||
let time_bytes = build_time_bytes(time);
|
let mut mac = Hmac::<Sha1>::new_from_slice(decode).unwrap();
|
||||||
let tag_bytes = tag.as_bytes();
|
mac.update(&build_time_bytes(time));
|
||||||
let array = [&time_bytes, tag_bytes].concat();
|
mac.update(tag.as_bytes());
|
||||||
let hash = hmac_sha1(decode, &array);
|
let result = mac.finalize();
|
||||||
|
let hash = result.into_bytes();
|
||||||
base64::encode(hash)
|
base64::encode(hash)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,6 @@ pub mod userlogin;
|
||||||
|
|
||||||
extern crate base64;
|
extern crate base64;
|
||||||
extern crate cookie;
|
extern crate cookie;
|
||||||
extern crate hmacsha1;
|
|
||||||
|
|
||||||
#[derive(Debug, Clone, Serialize, Deserialize)]
|
#[derive(Debug, Clone, Serialize, Deserialize)]
|
||||||
pub struct SteamGuardAccount {
|
pub struct SteamGuardAccount {
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
|
use hmac::{Hmac, Mac};
|
||||||
use log::debug;
|
use log::debug;
|
||||||
use reqwest::IntoUrl;
|
use reqwest::IntoUrl;
|
||||||
|
use sha2::Sha256;
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
protobufs::steammessages_auth_steamclient::CAuthentication_UpdateAuthSessionWithMobileConfirmation_Request,
|
protobufs::steammessages_auth_steamclient::CAuthentication_UpdateAuthSessionWithMobileConfirmation_Request,
|
||||||
|
@ -67,12 +69,12 @@ fn build_signature(
|
||||||
steam_id: u64,
|
steam_id: u64,
|
||||||
challenge: &Challenge,
|
challenge: &Challenge,
|
||||||
) -> [u8; 32] {
|
) -> [u8; 32] {
|
||||||
let mut data = Vec::<u8>::with_capacity(18);
|
let mut mac = Hmac::<Sha256>::new_from_slice(shared_secret.expose_secret()).unwrap();
|
||||||
data.extend_from_slice(&challenge.version.to_le_bytes());
|
mac.update(&challenge.version.to_le_bytes());
|
||||||
data.extend_from_slice(&challenge.client_id.to_le_bytes());
|
mac.update(&challenge.client_id.to_le_bytes());
|
||||||
data.extend_from_slice(&steam_id.to_le_bytes());
|
mac.update(&steam_id.to_le_bytes());
|
||||||
|
let result = mac.finalize();
|
||||||
hmac_sha256::HMAC::mac(data, shared_secret.expose_secret())
|
result.into_bytes().into()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn parse_challenge_url(challenge_url: impl IntoUrl) -> Result<Challenge, QrApproverError> {
|
fn parse_challenge_url(challenge_url: impl IntoUrl) -> Result<Challenge, QrApproverError> {
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
|
use hmac::{Hmac, Mac};
|
||||||
use secrecy::{ExposeSecret, Secret, SecretString};
|
use secrecy::{ExposeSecret, Secret, SecretString};
|
||||||
use serde::{Deserialize, Deserializer, Serialize, Serializer};
|
use serde::{Deserialize, Deserializer, Serialize, Serializer};
|
||||||
|
use sha1::Sha1;
|
||||||
use std::convert::TryInto;
|
use std::convert::TryInto;
|
||||||
|
|
||||||
#[derive(Debug, Clone)]
|
#[derive(Debug, Clone)]
|
||||||
|
@ -34,9 +36,11 @@ impl TwoFactorSecret {
|
||||||
86, 87, 88, 89,
|
86, 87, 88, 89,
|
||||||
];
|
];
|
||||||
|
|
||||||
|
let mut mac = Hmac::<Sha1>::new_from_slice(self.0.expose_secret()).unwrap();
|
||||||
// this effectively makes it so that it creates a new code every 30 seconds.
|
// this effectively makes it so that it creates a new code every 30 seconds.
|
||||||
let time_bytes: [u8; 8] = build_time_bytes(time / 30u64);
|
mac.update(&build_time_bytes(time / 30u64));
|
||||||
let hashed_data = hmacsha1::hmac_sha1(self.0.expose_secret(), &time_bytes);
|
let result = mac.finalize();
|
||||||
|
let hashed_data = result.into_bytes();
|
||||||
let mut code_array: [u8; 5] = [0; 5];
|
let mut code_array: [u8; 5] = [0; 5];
|
||||||
let b = (hashed_data[19] & 0xF) as usize;
|
let b = (hashed_data[19] & 0xF) as usize;
|
||||||
let mut code_point: i32 = ((hashed_data[b] & 0x7F) as i32) << 24
|
let mut code_point: i32 = ((hashed_data[b] & 0x7F) as i32) << 24
|
||||||
|
|
Loading…
Reference in a new issue