mirror of
https://github.com/librespot-org/librespot.git
synced 2024-12-18 17:11:53 +00:00
update Cargo.lock, use constant time equality check, remove block-modes
This commit is contained in:
parent
391b9c69c4
commit
72589443c7
5 changed files with 2232 additions and 17 deletions
2215
Cargo.lock
generated
2215
Cargo.lock
generated
File diff suppressed because it is too large
Load diff
|
@ -127,14 +127,10 @@ impl Discovery {
|
|||
h.result().code()
|
||||
};
|
||||
|
||||
let mac = {
|
||||
let mut h = HmacSha1::new_varkey(&checksum_key)
|
||||
.expect("HMAC can take key of any size");
|
||||
h.input(encrypted);
|
||||
h.result().code()
|
||||
};
|
||||
|
||||
if mac != cksum {
|
||||
let mut h = HmacSha1::new_varkey(&checksum_key)
|
||||
.expect("HMAC can take key of any size");
|
||||
h.input(encrypted);
|
||||
if let Err(_) = h.verify(cksum) {
|
||||
warn!("Login error for user {:?}: MAC mismatch", username);
|
||||
let result = json!({
|
||||
"status": 102,
|
||||
|
|
|
@ -37,7 +37,6 @@ sha-1 = "0.8.0"
|
|||
hmac = "0.7.0"
|
||||
pbkdf2 = "0.3.0"
|
||||
aes = "0.3.0"
|
||||
block-modes = "0.2.0"
|
||||
|
||||
[build-dependencies]
|
||||
rand = "0.6"
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
use base64;
|
||||
use byteorder::{BigEndian, ByteOrder};
|
||||
use aes::Aes192;
|
||||
use block_modes::{Ecb, BlockMode};
|
||||
use block_modes::block_padding::ZeroPadding;
|
||||
use hmac::Hmac;
|
||||
use sha1::{Sha1, Digest};
|
||||
use pbkdf2::pbkdf2;
|
||||
|
@ -75,12 +73,20 @@ impl Credentials {
|
|||
key
|
||||
};
|
||||
|
||||
let mut data = base64::decode(encrypted_blob).unwrap();
|
||||
// decrypt data using ECB mode without padding
|
||||
let blob = {
|
||||
// Anyone know what this block mode is ?
|
||||
let mut cipher = Ecb::<Aes192, ZeroPadding>::new_varkey(&key)
|
||||
.expect("never fails, key is 24 bytes long");
|
||||
cipher.decrypt_nopad(&mut data).unwrap();
|
||||
use aes::block_cipher_trait::BlockCipher;
|
||||
use aes::block_cipher_trait::generic_array::GenericArray;
|
||||
use aes::block_cipher_trait::generic_array::typenum::Unsigned;
|
||||
|
||||
let mut data = base64::decode(encrypted_blob).unwrap();
|
||||
let cipher = Aes192::new(GenericArray::from_slice(&key));
|
||||
let block_size = <Aes192 as BlockCipher>::BlockSize::to_usize();
|
||||
assert_eq!(data.len() % block_size, 0);
|
||||
// replace to chunks_exact_mut with MSRV bump to 1.31
|
||||
for chunk in data.chunks_mut(block_size) {
|
||||
cipher.decrypt_block(GenericArray::from_mut_slice(chunk));
|
||||
}
|
||||
|
||||
let l = data.len();
|
||||
for i in 0..l - 0x10 {
|
||||
|
|
|
@ -35,7 +35,6 @@ extern crate sha1;
|
|||
extern crate hmac;
|
||||
extern crate pbkdf2;
|
||||
extern crate aes;
|
||||
extern crate block_modes;
|
||||
|
||||
extern crate librespot_protocol as protocol;
|
||||
|
||||
|
|
Loading…
Reference in a new issue