mirror of
https://github.com/librespot-org/librespot.git
synced 2024-12-18 17:11:53 +00:00
update Cargo.lock, use constant time equality check, remove block-modes
This commit is contained in:
parent
391b9c69c4
commit
72589443c7
5 changed files with 2232 additions and 17 deletions
2215
Cargo.lock
generated
2215
Cargo.lock
generated
File diff suppressed because it is too large
Load diff
|
@ -127,14 +127,10 @@ impl Discovery {
|
||||||
h.result().code()
|
h.result().code()
|
||||||
};
|
};
|
||||||
|
|
||||||
let mac = {
|
let mut h = HmacSha1::new_varkey(&checksum_key)
|
||||||
let mut h = HmacSha1::new_varkey(&checksum_key)
|
.expect("HMAC can take key of any size");
|
||||||
.expect("HMAC can take key of any size");
|
h.input(encrypted);
|
||||||
h.input(encrypted);
|
if let Err(_) = h.verify(cksum) {
|
||||||
h.result().code()
|
|
||||||
};
|
|
||||||
|
|
||||||
if mac != cksum {
|
|
||||||
warn!("Login error for user {:?}: MAC mismatch", username);
|
warn!("Login error for user {:?}: MAC mismatch", username);
|
||||||
let result = json!({
|
let result = json!({
|
||||||
"status": 102,
|
"status": 102,
|
||||||
|
|
|
@ -37,7 +37,6 @@ sha-1 = "0.8.0"
|
||||||
hmac = "0.7.0"
|
hmac = "0.7.0"
|
||||||
pbkdf2 = "0.3.0"
|
pbkdf2 = "0.3.0"
|
||||||
aes = "0.3.0"
|
aes = "0.3.0"
|
||||||
block-modes = "0.2.0"
|
|
||||||
|
|
||||||
[build-dependencies]
|
[build-dependencies]
|
||||||
rand = "0.6"
|
rand = "0.6"
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
use base64;
|
use base64;
|
||||||
use byteorder::{BigEndian, ByteOrder};
|
use byteorder::{BigEndian, ByteOrder};
|
||||||
use aes::Aes192;
|
use aes::Aes192;
|
||||||
use block_modes::{Ecb, BlockMode};
|
|
||||||
use block_modes::block_padding::ZeroPadding;
|
|
||||||
use hmac::Hmac;
|
use hmac::Hmac;
|
||||||
use sha1::{Sha1, Digest};
|
use sha1::{Sha1, Digest};
|
||||||
use pbkdf2::pbkdf2;
|
use pbkdf2::pbkdf2;
|
||||||
|
@ -75,12 +73,20 @@ impl Credentials {
|
||||||
key
|
key
|
||||||
};
|
};
|
||||||
|
|
||||||
let mut data = base64::decode(encrypted_blob).unwrap();
|
// decrypt data using ECB mode without padding
|
||||||
let blob = {
|
let blob = {
|
||||||
// Anyone know what this block mode is ?
|
use aes::block_cipher_trait::BlockCipher;
|
||||||
let mut cipher = Ecb::<Aes192, ZeroPadding>::new_varkey(&key)
|
use aes::block_cipher_trait::generic_array::GenericArray;
|
||||||
.expect("never fails, key is 24 bytes long");
|
use aes::block_cipher_trait::generic_array::typenum::Unsigned;
|
||||||
cipher.decrypt_nopad(&mut data).unwrap();
|
|
||||||
|
let mut data = base64::decode(encrypted_blob).unwrap();
|
||||||
|
let cipher = Aes192::new(GenericArray::from_slice(&key));
|
||||||
|
let block_size = <Aes192 as BlockCipher>::BlockSize::to_usize();
|
||||||
|
assert_eq!(data.len() % block_size, 0);
|
||||||
|
// replace to chunks_exact_mut with MSRV bump to 1.31
|
||||||
|
for chunk in data.chunks_mut(block_size) {
|
||||||
|
cipher.decrypt_block(GenericArray::from_mut_slice(chunk));
|
||||||
|
}
|
||||||
|
|
||||||
let l = data.len();
|
let l = data.len();
|
||||||
for i in 0..l - 0x10 {
|
for i in 0..l - 0x10 {
|
||||||
|
|
|
@ -35,7 +35,6 @@ extern crate sha1;
|
||||||
extern crate hmac;
|
extern crate hmac;
|
||||||
extern crate pbkdf2;
|
extern crate pbkdf2;
|
||||||
extern crate aes;
|
extern crate aes;
|
||||||
extern crate block_modes;
|
|
||||||
|
|
||||||
extern crate librespot_protocol as protocol;
|
extern crate librespot_protocol as protocol;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue