diff options
| author | metamuffin <metamuffin@disroot.org> | 2022-09-13 17:18:12 +0200 |
|---|---|---|
| committer | metamuffin <metamuffin@disroot.org> | 2022-09-13 17:18:12 +0200 |
| commit | 7e88c11cbf817cb6cdbaf9b9f55564c4f9081e26 (patch) | |
| tree | 23c151e7cc7a6650f34b1db6b6ce94f3871ea3f7 /client-native-rift/src/crypto.rs | |
| parent | 1b7116fedcfaef6410e3ff48ea16e893d8bb5989 (diff) | |
| download | keks-meet-7e88c11cbf817cb6cdbaf9b9f55564c4f9081e26.tar keks-meet-7e88c11cbf817cb6cdbaf9b9f55564c4f9081e26.tar.bz2 keks-meet-7e88c11cbf817cb6cdbaf9b9f55564c4f9081e26.tar.zst | |
port crypto to rust
Diffstat (limited to 'client-native-rift/src/crypto.rs')
| -rw-r--r-- | client-native-rift/src/crypto.rs | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/client-native-rift/src/crypto.rs b/client-native-rift/src/crypto.rs new file mode 100644 index 0000000..1144de0 --- /dev/null +++ b/client-native-rift/src/crypto.rs @@ -0,0 +1,32 @@ +use aes_gcm::{ + aead::{generic_array::sequence::GenericSequence, Aead}, + Aes256Gcm, KeyInit, Nonce, +}; + +pub struct Key(Aes256Gcm); + +impl Key { + pub fn derive(secret: String) -> Self { + let salt = base64::decode("").unwrap(); + let mut key = [0u8; 256]; + fastpbkdf2::pbkdf2_hmac_sha256(secret.as_bytes(), salt.as_slice(), 250000, &mut key); + + let key = Aes256Gcm::new_from_slice(key.as_slice()).unwrap(); + + Self(key) + } + pub fn encrypt(&self, s: &str) -> String { + let iv = Nonce::generate(|_| rand::random()); // TODO check if this is secure randomness + let ciphertext = self.0.encrypt(&iv, s.as_bytes()).unwrap(); + let mut packet = iv.to_vec(); // TODO this could be doing less allocations + packet.extend(ciphertext); + base64::encode(packet) + } + pub fn decrypt(&self, s: &str) -> String { + let r = base64::decode(s).unwrap(); + let iv = &r[0..12]; + let ciphertext = &r[12..]; + let plaintext = self.0.decrypt(Nonce::from_slice(iv), ciphertext).unwrap(); + String::from_utf8(plaintext).unwrap() + } +} |