zero4rs 2.0.0

zero4rs is a powerful, pragmatic, and extremely fast web framework for Rust
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99

use argon2::password_hash::{Salt, SaltString};
use argon2::{Algorithm, Argon2, Params, PasswordHash, PasswordHasher, PasswordVerifier, Version};
use base64::{engine::general_purpose, Engine as _};

use hmac::{Hmac, Mac};
use rand::RngCore;
use sha3::Digest;

use crate::core::error2::Error;
use crate::core::error2::Result;

pub fn base64encode(s: &str) -> String {
    general_purpose::STANDARD.encode(s)
}

pub fn base64decode(s: &str) -> Result<String> {
    let decoded_bytes = general_purpose::STANDARD
        .decode(s)
        .map_err(Error::run_time)?;

    let s = String::from_utf8(decoded_bytes).map_err(Error::run_time)?;

    Ok(s)
}

pub fn urlencoded<T>(s: &T) -> String
where
    T: serde::Serialize,
{
    serde_urlencoded::to_string(s).unwrap()
}

pub fn sha3_256(s: String) -> String {
    let password_hash = sha3::Sha3_256::digest(s.as_bytes());
    format!("{:x}", password_hash)
}

pub fn encrypt_sha_256(key: &str, plaintext: &str) -> String {
    let mut mac = hmac::Hmac::<sha2::Sha256>::new_from_slice(key.as_bytes()).unwrap();

    mac.update(plaintext.as_bytes());

    general_purpose::STANDARD.encode(mac.finalize().into_bytes())
}

pub fn compute_password_hash(password: &str) -> Result<String> {
    let mut bytes = [0u8; Salt::RECOMMENDED_LENGTH];
    let mut rng = rand::rng();
    rng.fill_bytes(&mut bytes);

    let salt = SaltString::encode_b64(&bytes).expect("Invalid salt encoding");

    let password_hash = Argon2::new(
        Algorithm::Argon2id,
        Version::V0x13,
        Params::new(15000, 2, 1, None).unwrap(),
    )
    .hash_password(password.as_bytes(), &salt)
    .map_err(Error::run_time)?
    .to_string();

    Ok(password_hash)
}

pub fn verify_password(password: String, expected_password_hash: String) -> Result<bool> {
    let expected_password_hash =
        PasswordHash::new(expected_password_hash.as_str()).map_err(Error::run_time)?;

    if Argon2::default()
        .verify_password(password.as_bytes(), &expected_password_hash)
        .is_ok()
    {
        return Ok(true);
    }

    Ok(false)
}

pub fn html_escape(s: &str) -> String {
    htmlescape::encode_minimal(s)
}

#[rustfmt::skip]
pub fn hmac_tag(query_string: &str, secret: &str) -> Result<String> {
    let mut mac = Hmac::<sha2::Sha256>::new_from_slice(secret.as_bytes()).map_err(Error::run_time)?;
    mac.update(query_string.as_bytes());
    Ok(hex::encode(mac.finalize().into_bytes()))
}

#[rustfmt::skip]
pub fn hmac_tag_verify(query_string: &str, secret: &str, tag: &str) -> Result<bool> {
    let _tag = hex::decode(tag).map_err(Error::run_time)?;
    let mut mac = Hmac::<sha2::Sha256>::new_from_slice(secret.as_bytes()).map_err(Error::run_time)?;

    mac.update(query_string.as_bytes());
    mac.verify_slice(&_tag).map_err(Error::run_time)?;

    Ok(true)
}