Skip to content

Commit

Permalink
ue back secrets crate as the issue is only on windows x86
Browse files Browse the repository at this point in the history
  • Loading branch information
@radumarias
radumarias committed Jun 5, 2024
1 parent 2e081b6 commit c91e1c3
Show file tree
Hide file tree
Showing 4 changed files with 28 additions and 3 deletions.
18 changes: 18 additions & 0 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ hex = "0.4.3"
numpy = "0.21"
libsodium-sys = "0.2.7"
libc = "0.2.155"
secrets = "1.2.0"

[dev-dependencies]
criterion = { version = "0.5.1", features = ["html_reports"] }
Expand Down
6 changes: 3 additions & 3 deletions src/lib.rs
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
use std::sync::{Arc, Mutex};
use ::secrets::SecretVec;
use numpy::{PyArray1, PyArrayMethods};

use pyo3::prelude::*;
Expand All @@ -12,7 +13,6 @@ use ring::aead::{Aad, AES_256_GCM, BoundKey, CHACHA20_POLY1305, Nonce, NonceSequ
use ring::error::Unspecified;
use zeroize::Zeroize;
use crate::CipherMeta::Ring;
use crate::secrets::SecretVec;

mod cipher;
mod secrets;
Expand Down Expand Up @@ -522,7 +522,7 @@ fn create_ring_sealing_key(alg: RingAlgorithm, key: &SecretVec<u8>) -> (SealingK
let nonce_sequence = nonce_seq.clone();
let nonce_wrapper = RandomNonceSequenceWrapper::new(nonce_seq.clone());
// Create a new AEAD key without a designated role or nonce sequence
let unbound_key = UnboundKey::new(get_ring_algorithm(alg), key.as_ref()).unwrap();
let unbound_key = UnboundKey::new(get_ring_algorithm(alg), &*key.borrow()).unwrap();

// Create a new AEAD key for encrypting and signing ("sealing"), bound to a nonce sequence
// The SealingKey can be used multiple times, each time a new nonce will be used
Expand All @@ -532,7 +532,7 @@ fn create_ring_sealing_key(alg: RingAlgorithm, key: &SecretVec<u8>) -> (SealingK

fn create_ring_opening_key(alg: RingAlgorithm, key: &SecretVec<u8>) -> (OpeningKey<ExistingNonceSequence>, Arc<Mutex<Vec<u8>>>) {
let last_nonce = Arc::new(Mutex::new(vec![0_u8; get_ring_algorithm(alg).nonce_len()]));
let unbound_key = UnboundKey::new(get_ring_algorithm(alg), key.as_ref()).unwrap();
let unbound_key = UnboundKey::new(get_ring_algorithm(alg), &*key.borrow()).unwrap();
let nonce_sequence = ExistingNonceSequence::new(last_nonce.clone());
let opening_key = OpeningKey::new(unbound_key, nonce_sequence);
(opening_key, last_nonce)
Expand Down
6 changes: 6 additions & 0 deletions src/secrets.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,12 @@ impl<T: Zeroize> Drop for SecretVec<T> {
}
}

// impl<T> Debug for SecretVec<T> {
// fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
// write!(f, "SecretVec<{}>[REDACTED]", std::any::type_name::<T>())
// }
// }

/// Initialized libsodium. This function *must* be called at least once
/// prior to using any of the other functions in this library, and
/// callers *must* verify that it returns `true`. If it returns `false`,
Expand Down

0 comments on commit c91e1c3

Please sign in to comment.