diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2018-10-17 13:47:38 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2018-10-23 16:25:05 +0200 |
commit | 194e2a8f63f38bd44340090f2fc121d4dcd24cd7 (patch) | |
tree | f1f523ca0af7074ffcc7332c3fbdf99cc028218c | |
parent | a876df938ad99ce7b0ba769a8e2ad961f12ba239 (diff) |
openpgp: Move SessionKey into openpgp::crypto.
-rw-r--r-- | openpgp/src/crypto/aead.rs | 2 | ||||
-rw-r--r-- | openpgp/src/crypto/mod.rs | 44 | ||||
-rw-r--r-- | openpgp/src/crypto/s2k.rs | 2 | ||||
-rw-r--r-- | openpgp/src/lib.rs | 46 | ||||
-rw-r--r-- | openpgp/src/message/mod.rs | 2 | ||||
-rw-r--r-- | openpgp/src/packet/pkesk.rs | 2 | ||||
-rw-r--r-- | openpgp/src/packet/skesk.rs | 2 | ||||
-rw-r--r-- | openpgp/src/parse/parse.rs | 2 | ||||
-rw-r--r-- | openpgp/src/parse/stream.rs | 2 | ||||
-rw-r--r-- | openpgp/src/serialize/stream.rs | 2 | ||||
-rw-r--r-- | openpgp/src/serialize/writer/mod.rs | 2 |
11 files changed, 53 insertions, 55 deletions
diff --git a/openpgp/src/crypto/aead.rs b/openpgp/src/crypto/aead.rs index c464d33c..fab20771 100644 --- a/openpgp/src/crypto/aead.rs +++ b/openpgp/src/crypto/aead.rs @@ -15,7 +15,7 @@ use conversions::{ }; use Error; use Result; -use SessionKey; +use crypto::SessionKey; use secure_eq; impl AEADAlgorithm { diff --git a/openpgp/src/crypto/mod.rs b/openpgp/src/crypto/mod.rs index 69f2e384..ce9dfbca 100644 --- a/openpgp/src/crypto/mod.rs +++ b/openpgp/src/crypto/mod.rs @@ -4,6 +4,7 @@ use std::io::Read; use std::ops::Deref; use memsec; use nettle::Hash; +use nettle::random::Yarrow; use constants::HashAlgorithm; use Result; @@ -15,6 +16,49 @@ pub mod mpis; pub mod s2k; pub(crate) mod symmetric; +/// Holds a session key. +/// +/// The session key is cleared when dropped. +#[derive(Debug, Clone, PartialEq, Eq)] +pub struct SessionKey(Box<[u8]>); + +impl SessionKey { + /// Creates a new session key. + pub fn new(rng: &mut Yarrow, size: usize) -> Self { + let mut sk = vec![0; size]; + rng.random(&mut sk); + sk.into() + } +} + +impl Deref for SessionKey { + type Target = [u8]; + + fn deref(&self) -> &Self::Target { + &self.0 + } +} + +impl From<Vec<u8>> for SessionKey { + fn from(v: Vec<u8>) -> Self { + SessionKey(v.into_boxed_slice()) + } +} + +impl From<Box<[u8]>> for SessionKey { + fn from(v: Box<[u8]>) -> Self { + SessionKey(v) + } +} + +impl Drop for SessionKey { + fn drop(&mut self) { + unsafe { + memsec::memzero(self.0.as_mut_ptr(), self.0.len()); + } + } +} + /// Holds a password. /// /// The password is cleared when dropped. diff --git a/openpgp/src/crypto/s2k.rs b/openpgp/src/crypto/s2k.rs index 3029d48f..1c2a5cf2 100644 --- a/openpgp/src/crypto/s2k.rs +++ b/openpgp/src/crypto/s2k.rs @@ -10,7 +10,7 @@ use Error; use Result; use HashAlgorithm; use crypto::Password; -use SessionKey; +use crypto::SessionKey; use std::fmt; diff --git a/openpgp/src/lib.rs b/openpgp/src/lib.rs index f8b28987..69a29bec 100644 --- a/openpgp/src/lib.rs +++ b/openpgp/src/lib.rs @@ -482,52 +482,6 @@ pub enum RevocationStatus<'a> { /// revocation certificate. NotAsFarAsWeKnow, } - -use std::ops::Deref; -use nettle::random::Yarrow; - -/// Holds a session key. -/// -/// The session key is cleared when dropped. -#[derive(Debug, Clone, PartialEq, Eq)] -pub struct SessionKey(Box<[u8]>); - -impl SessionKey { - /// Creates a new session key. - pub fn new(rng: &mut Yarrow, size: usize) -> Self { - let mut sk = vec![0; size]; - rng.random(&mut sk); - sk.into() - } -} - -impl Deref for SessionKey { - type Target = [u8]; - - fn deref(&self) -> &Self::Target { - &self.0 - } -} - -impl From<Vec<u8>> for SessionKey { - fn from(v: Vec<u8>) -> Self { - SessionKey(v.into_boxed_slice()) - } -} - -impl From<Box<[u8]>> for SessionKey { - fn from(v: Box<[u8]>) -> Self { - SessionKey(v) - } -} - -impl Drop for SessionKey { - fn drop(&mut self) { - unsafe { - memsec::memzero(self.0.as_mut_ptr(), self.0.len()); - } - } -} /// Time-constant comparison. fn secure_eq(a: &[u8], b: &[u8]) -> bool { diff --git a/openpgp/src/message/mod.rs b/openpgp/src/message/mod.rs index 42f75f0e..1bf147d0 100644 --- a/openpgp/src/message/mod.rs +++ b/openpgp/src/message/mod.rs @@ -921,7 +921,7 @@ mod tests { // 0: SK-ESK // => bad. let mut packets : Vec<Packet> = Vec::new(); - let sk = ::SessionKey::new(&mut Default::default(), 8); + let sk = ::crypto::SessionKey::new(&mut Default::default(), 8); packets.push(SKESK4::with_password( SymmetricAlgorithm::AES256, S2K::Simple { hash: HashAlgorithm::SHA256 }, diff --git a/openpgp/src/packet/pkesk.rs b/openpgp/src/packet/pkesk.rs index c0bda760..47eac6d5 100644 --- a/openpgp/src/packet/pkesk.rs +++ b/openpgp/src/packet/pkesk.rs @@ -6,7 +6,7 @@ use Packet; use PublicKeyAlgorithm; use Result; use SymmetricAlgorithm; -use SessionKey; +use crypto::SessionKey; use crypto::ecdh; use nettle::{rsa, Yarrow}; use packet; diff --git a/openpgp/src/packet/skesk.rs b/openpgp/src/packet/skesk.rs index 5aeeac33..87a4a494 100644 --- a/openpgp/src/packet/skesk.rs +++ b/openpgp/src/packet/skesk.rs @@ -12,7 +12,7 @@ use constants::{ use packet; use Packet; use crypto::Password; -use SessionKey; +use crypto::SessionKey; /// Holds an symmetrically encrypted session key. /// diff --git a/openpgp/src/parse/parse.rs b/openpgp/src/parse/parse.rs index a6a1a344..0677ddc2 100644 --- a/openpgp/src/parse/parse.rs +++ b/openpgp/src/parse/parse.rs @@ -38,7 +38,7 @@ use { Packet, KeyID, SecretKey, - SessionKey, + crypto::SessionKey, packet::PKESK, }; use constants::{ diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs index 30a63e48..aa6f3b35 100644 --- a/openpgp/src/parse/stream.rs +++ b/openpgp/src/parse/stream.rs @@ -31,7 +31,7 @@ use { TPK, crypto::mpis, crypto::Password, - SessionKey, + crypto::SessionKey, }; use parse::{ Cookie, diff --git a/openpgp/src/serialize/stream.rs b/openpgp/src/serialize/stream.rs index f760d01b..df6cbc86 100644 --- a/openpgp/src/serialize/stream.rs +++ b/openpgp/src/serialize/stream.rs @@ -28,7 +28,7 @@ use { Result, crypto::Password, SecretKey, - SessionKey, + crypto::SessionKey, packet::SKESK4, packet::SKESK5, packet::{signature, Signature}, diff --git a/openpgp/src/serialize/writer/mod.rs b/openpgp/src/serialize/writer/mod.rs index c5cb4964..3368c6ff 100644 --- a/openpgp/src/serialize/writer/mod.rs +++ b/openpgp/src/serialize/writer/mod.rs @@ -19,7 +19,7 @@ use constants::{ }; use { Result, - SessionKey, + crypto::SessionKey, }; /// A stack of writers. |