From 95d372ba4784171d01f4bdbb9910db2af1a12431 Mon Sep 17 00:00:00 2001 From: threema-donat <129288638+threema-donat@users.noreply.github.com> Date: Tue, 6 Feb 2024 09:52:58 +0100 Subject: [PATCH] fixup! Add wrapper for Key that implements zeroize --- src/crypto.rs | 14 +++++++++++++- src/types.rs | 5 ----- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/src/crypto.rs b/src/crypto.rs index ed9fb2597..38b07078f 100644 --- a/src/crypto.rs +++ b/src/crypto.rs @@ -11,6 +11,7 @@ use crypto_secretbox::{ }; use data_encoding::{HEXLOWER, HEXLOWER_PERMISSIVE}; use rand::Rng; +use serde::{Serialize, Serializer}; use serde_json as json; use zeroize::{Zeroize, ZeroizeOnDrop}; @@ -23,6 +24,7 @@ use crate::{ pub const NONCE_SIZE: usize = 24; const KEY_SIZE: usize = 32; +/// Key type used for nacl secretbox cryptography #[derive(PartialEq, Zeroize, ZeroizeOnDrop)] pub struct Key(SecretboxKey); @@ -56,13 +58,23 @@ impl TryFrom> for Key { fn try_from(value: Vec) -> Result { <[u8; KEY_SIZE]>::try_from(value) .map_err(|original| { - CryptoError::BadKey(format!("Key has wrong size: {}", original.len())) + CryptoError::BadKey(format!( + "Key has wrong size: {} instead of {}", + original.len(), + KEY_SIZE + )) }) .map(SecretboxKey::from) .map(Self::from) } } +impl Serialize for Key { + fn serialize(&self, serializer: S) -> Result { + serializer.serialize_str(&HEXLOWER.encode(&self.0)) + } +} + fn get_file_nonce() -> &'static Nonce { static FILE_NONCE: OnceLock = OnceLock::new(); FILE_NONCE.get_or_init(|| { diff --git a/src/types.rs b/src/types.rs index ab9663e4f..28d4a7dc6 100644 --- a/src/types.rs +++ b/src/types.rs @@ -83,7 +83,6 @@ pub struct FileMessage { thumbnail_media_type: Option, #[serde(rename = "k")] - #[serde(serialize_with = "key_to_hex")] blob_encryption_key: Key, #[serde(rename = "n")] @@ -392,10 +391,6 @@ impl Serialize for BlobId { } } -fn key_to_hex(val: &Key, serializer: S) -> Result { - serializer.serialize_str(&HEXLOWER.encode(&val.as_ref()[..])) -} - #[cfg(test)] mod test { use std::collections::HashMap;