update Cargo.lock, use constant time equality check, remove block-modes

2024-11-08 16:45:43 +00:00 · 2019-03-16 18:30:10 +03:00 · 2019-03-16 18:30:10 +03:00 · 72589443c7
commit 72589443c7
parent 391b9c69c4
5 changed files with 2232 additions and 17 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/connect/src/discovery.rs
+++ b/connect/src/discovery.rs
@ -127,14 +127,10 @@ impl Discovery {
            h.result().code()
        };

-        let mac = {
-            let mut h = HmacSha1::new_varkey(&checksum_key)
-                .expect("HMAC can take key of any size");
-            h.input(encrypted);
-            h.result().code()
-        };
-
-        if mac != cksum {
+        let mut h = HmacSha1::new_varkey(&checksum_key)
+            .expect("HMAC can take key of any size");
+        h.input(encrypted);
+        if let Err(_) = h.verify(cksum) {
            warn!("Login error for user {:?}: MAC mismatch", username);
            let result = json!({
                "status": 102,
--- a/core/Cargo.toml
+++ b/core/Cargo.toml
@ -37,7 +37,6 @@ sha-1 = "0.8.0"
 hmac = "0.7.0"
 pbkdf2 = "0.3.0"
 aes = "0.3.0"
-block-modes = "0.2.0"

 [build-dependencies]
 rand = "0.6"
--- a/core/src/authentication.rs
+++ b/core/src/authentication.rs
@ -1,8 +1,6 @@
 use base64;
 use byteorder::{BigEndian, ByteOrder};
 use aes::Aes192;
-use block_modes::{Ecb, BlockMode};
-use block_modes::block_padding::ZeroPadding;
 use hmac::Hmac;
 use sha1::{Sha1, Digest};
 use pbkdf2::pbkdf2;
@ -75,12 +73,20 @@ impl Credentials {
            key
        };

-        let mut data = base64::decode(encrypted_blob).unwrap();
+        // decrypt data using ECB mode without padding
        let blob = {
-            // Anyone know what this block mode is ?
-            let mut cipher = Ecb::<Aes192, ZeroPadding>::new_varkey(&key)
-                .expect("never fails, key is 24 bytes long");
-            cipher.decrypt_nopad(&mut data).unwrap();
+            use aes::block_cipher_trait::BlockCipher;
+            use aes::block_cipher_trait::generic_array::GenericArray;
+            use aes::block_cipher_trait::generic_array::typenum::Unsigned;
+
+            let mut data = base64::decode(encrypted_blob).unwrap();
+            let cipher = Aes192::new(GenericArray::from_slice(&key));
+            let block_size = <Aes192 as BlockCipher>::BlockSize::to_usize();
+            assert_eq!(data.len() % block_size, 0);
+            // replace to chunks_exact_mut with MSRV bump to 1.31
+            for chunk in data.chunks_mut(block_size) {
+                cipher.decrypt_block(GenericArray::from_mut_slice(chunk));
+            }

            let l = data.len();
            for i in 0..l - 0x10 {
--- a/core/src/lib.rs
+++ b/core/src/lib.rs
@ -35,7 +35,6 @@ extern crate sha1;
 extern crate hmac;
 extern crate pbkdf2;
 extern crate aes;
-extern crate block_modes;

 extern crate librespot_protocol as protocol;