ss_rs/crypto/
mod.rs

1//! Encryption and decryption.
2
3pub mod aead;
4pub mod cipher;
5
6use std::ops::Deref;
7
8use hkdf::Hkdf;
9use sha1::Sha1;
10
11/// A simple encapsulation of bytes array.
12#[derive(Debug)]
13pub struct Nonce {
14    value: Vec<u8>,
15}
16
17impl Nonce {
18    /// Creates a new nonce.
19    pub fn new(len: usize) -> Self {
20        Nonce {
21            value: vec![0; len],
22        }
23    }
24
25    /// Increment the nonce.
26    pub fn increment(&mut self) {
27        for i in 0..self.value.len() {
28            self.value[i] = self.value[i].wrapping_add(1);
29            if self.value[i] != 0 {
30                break;
31            }
32        }
33    }
34}
35
36impl Deref for Nonce {
37    type Target = [u8];
38
39    fn deref(&self) -> &Self::Target {
40        &self.value
41    }
42}
43
44/// Produces a subkey that is cryptographically strong even if the input secret key is weak.
45pub fn hkdf_sha1(key: &[u8], salt: &[u8], subkey: &mut [u8]) {
46    let hkdf = Hkdf::<Sha1>::new(Some(salt), key);
47    hkdf.expand(b"ss-subkey", subkey).expect(&format!(
48        "{} is a invalid output length, expected {}",
49        subkey.len(),
50        key.len()
51    ));
52}
53
54/// Generates the master key from a password.
55pub fn derive_key(password: &[u8], key: &mut [u8]) {
56    let key_size = key.len();
57    let mut md_buf: Vec<u8> = Vec::new();
58
59    let mut j = 0;
60    while j < key_size {
61        md_buf.append(&mut password.to_vec());
62        let md = md5::compute(&md_buf).0;
63
64        for &b in md.iter() {
65            if j >= key_size {
66                break;
67            }
68
69            key[j] = b;
70            j += 1;
71        }
72
73        md_buf = md.to_vec();
74    }
75}
76
77#[cfg(test)]
78mod tests {
79    use super::*;
80
81    #[test]
82    fn test_hkdf_sha1_key128() {
83        let key = [1u8; 16];
84        let salt = b"1234567812345678";
85        let mut subkey = [0u8; 16];
86        let expected_subkey: [u8; 16] = [
87            176, 72, 135, 140, 255, 57, 14, 7, 193, 98, 58, 118, 112, 42, 119, 97,
88        ];
89
90        hkdf_sha1(&key, salt, &mut subkey);
91
92        assert_eq!(subkey, expected_subkey);
93    }
94
95    #[test]
96    fn test_hkdf_sha1_key256() {
97        let key = [1u8; 32];
98        let salt = b"12345678123456781234567812345678";
99        let mut subkey = [0u8; 32];
100        let expected_subkey: [u8; 32] = [
101            128, 145, 113, 44, 108, 52, 99, 117, 243, 229, 199, 245, 55, 99, 251, 53, 56, 225, 92,
102            92, 5, 94, 252, 21, 4, 211, 164, 43, 251, 44, 61, 208,
103        ];
104
105        hkdf_sha1(&key, salt, &mut subkey);
106
107        assert_eq!(subkey, expected_subkey);
108    }
109
110    #[test]
111    fn test_derive_key128() {
112        let password = b"hehe";
113        let mut key = [0u8; 16];
114        let expected_key = [
115            82, 156, 168, 5, 10, 0, 24, 7, 144, 207, 136, 182, 52, 104, 130, 106,
116        ];
117
118        derive_key(password, &mut key);
119
120        assert_eq!(key, expected_key);
121    }
122
123    #[test]
124    fn test_derive_key256() {
125        let password = b"hehe";
126        let mut key = [0u8; 32];
127        let expected_key = [
128            82, 156, 168, 5, 10, 0, 24, 7, 144, 207, 136, 182, 52, 104, 130, 106, 109, 81, 225,
129            207, 24, 87, 148, 16, 101, 57, 172, 239, 219, 100, 183, 95,
130        ];
131
132        derive_key(password, &mut key);
133
134        assert_eq!(key, expected_key);
135    }
136}
ss_rs/crypto/mod.rs

ss_rs/crypto/
mod.rs
