diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 14:29:10 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 14:29:10 +0000 |
| commit | 2aa4a82499d4becd2284cdb482213d541b8804dd (patch) | |
| tree | b80bf8bf13c3766139fbacc530efd0dd9d54394c /third_party/rust/hawk/src/credentials.rs | |
| parent | Initial commit. (diff) | |
| download | firefox-2aa4a82499d4becd2284cdb482213d541b8804dd.tar.xz firefox-2aa4a82499d4becd2284cdb482213d541b8804dd.zip | |
Adding upstream version 86.0.1.upstream/86.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'third_party/rust/hawk/src/credentials.rs')
| -rw-r--r-- | third_party/rust/hawk/src/credentials.rs | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/third_party/rust/hawk/src/credentials.rs b/third_party/rust/hawk/src/credentials.rs new file mode 100644 index 0000000000..ec2c5025a4 --- /dev/null +++ b/third_party/rust/hawk/src/credentials.rs @@ -0,0 +1,61 @@ +use crate::crypto::{self, HmacKey}; + +#[derive(Clone, Copy, PartialEq, PartialOrd, Eq, Ord, Hash, Debug)] +pub enum DigestAlgorithm { + Sha256, + Sha384, + Sha512, + // Indicate that this isn't an enum that anyone should match on, and that we + // reserve the right to add to this enumeration without making a major + // version bump. Once https://github.com/rust-lang/rfcs/blob/master/text/2008-non-exhaustive.md + // is stabilized, that should be used instead. + #[doc(hidden)] + _Nonexhaustive, +} + +/// Hawk key. +/// +/// While any sequence of bytes can be specified as a key, note that each digest algorithm has +/// a suggested key length, and that passwords should *not* be used as keys. Keys of incorrect +/// length are handled according to the digest's implementation. +pub struct Key(Box<dyn HmacKey>); + +impl Key { + pub fn new<B>(key: B, algorithm: DigestAlgorithm) -> crate::Result<Key> + where + B: AsRef<[u8]>, + { + Ok(Key(crypto::new_key(algorithm, key.as_ref())?)) + } + + pub fn sign(&self, data: &[u8]) -> crate::Result<Vec<u8>> { + Ok(self.0.sign(data)?) + } +} + +/// Hawk credentials: an ID and a key associated with that ID. The digest algorithm +/// must be agreed between the server and the client, and the length of the key is +/// specific to that algorithm. +pub struct Credentials { + pub id: String, + pub key: Key, +} + +#[cfg(all(test, any(feature = "use_ring", feature = "use_openssl")))] +mod test { + use super::*; + + #[test] + fn test_new_sha256() { + let key = vec![77u8; 32]; + // hmac::SigningKey doesn't allow any visibilty inside, so we just build the + // key and assume it works.. + Key::new(key, DigestAlgorithm::Sha256).unwrap(); + } + + #[test] + fn test_new_sha256_bad_length() { + let key = vec![0u8; 99]; + Key::new(key, DigestAlgorithm::Sha256).unwrap(); + } +} |