update Cargo.lock, use constant time equality check, remove block-modes

This commit is contained in:
Артём Павлов [Artyom Pavlov] 2019-03-16 18:30:10 +03:00
parent 391b9c69c4
commit 72589443c7
5 changed files with 2232 additions and 17 deletions

2215
Cargo.lock generated

File diff suppressed because it is too large Load diff

View file

@ -127,14 +127,10 @@ impl Discovery {
h.result().code() h.result().code()
}; };
let mac = { let mut h = HmacSha1::new_varkey(&checksum_key)
let mut h = HmacSha1::new_varkey(&checksum_key) .expect("HMAC can take key of any size");
.expect("HMAC can take key of any size"); h.input(encrypted);
h.input(encrypted); if let Err(_) = h.verify(cksum) {
h.result().code()
};
if mac != cksum {
warn!("Login error for user {:?}: MAC mismatch", username); warn!("Login error for user {:?}: MAC mismatch", username);
let result = json!({ let result = json!({
"status": 102, "status": 102,

View file

@ -37,7 +37,6 @@ sha-1 = "0.8.0"
hmac = "0.7.0" hmac = "0.7.0"
pbkdf2 = "0.3.0" pbkdf2 = "0.3.0"
aes = "0.3.0" aes = "0.3.0"
block-modes = "0.2.0"
[build-dependencies] [build-dependencies]
rand = "0.6" rand = "0.6"

View file

@ -1,8 +1,6 @@
use base64; use base64;
use byteorder::{BigEndian, ByteOrder}; use byteorder::{BigEndian, ByteOrder};
use aes::Aes192; use aes::Aes192;
use block_modes::{Ecb, BlockMode};
use block_modes::block_padding::ZeroPadding;
use hmac::Hmac; use hmac::Hmac;
use sha1::{Sha1, Digest}; use sha1::{Sha1, Digest};
use pbkdf2::pbkdf2; use pbkdf2::pbkdf2;
@ -75,12 +73,20 @@ impl Credentials {
key key
}; };
let mut data = base64::decode(encrypted_blob).unwrap(); // decrypt data using ECB mode without padding
let blob = { let blob = {
// Anyone know what this block mode is ? use aes::block_cipher_trait::BlockCipher;
let mut cipher = Ecb::<Aes192, ZeroPadding>::new_varkey(&key) use aes::block_cipher_trait::generic_array::GenericArray;
.expect("never fails, key is 24 bytes long"); use aes::block_cipher_trait::generic_array::typenum::Unsigned;
cipher.decrypt_nopad(&mut data).unwrap();
let mut data = base64::decode(encrypted_blob).unwrap();
let cipher = Aes192::new(GenericArray::from_slice(&key));
let block_size = <Aes192 as BlockCipher>::BlockSize::to_usize();
assert_eq!(data.len() % block_size, 0);
// replace to chunks_exact_mut with MSRV bump to 1.31
for chunk in data.chunks_mut(block_size) {
cipher.decrypt_block(GenericArray::from_mut_slice(chunk));
}
let l = data.len(); let l = data.len();
for i in 0..l - 0x10 { for i in 0..l - 0x10 {

View file

@ -35,7 +35,6 @@ extern crate sha1;
extern crate hmac; extern crate hmac;
extern crate pbkdf2; extern crate pbkdf2;
extern crate aes; extern crate aes;
extern crate block_modes;
extern crate librespot_protocol as protocol; extern crate librespot_protocol as protocol;