kmwebnet/OpenSK
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Cleaner assignment syntax

Browse Source
This commit is contained in:
Egor Duda
2022-05-13 21:55:18 +03:00
parent 658dbe2381
commit e473af7118
1 changed files with 14 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
src/ctap/crypto_wrapper.rs
View File

@@ -279,16 +279,15 @@ pub fn encrypt_key_handle(
let aes_enc_key = crypto::aes256::EncryptionKey::new(&master_keys.encryption); let aes_enc_key = crypto::aes256::EncryptionKey::new(&master_keys.encryption);
let mut plaintext = [0; 64]; let mut plaintext = [0; 64];
let version; let version = match private_key {
match private_key {
PrivateKey::Ecdsa(ecdsa_key) => { PrivateKey::Ecdsa(ecdsa_key) => {
ecdsa_key.to_bytes(array_mut_ref!(plaintext, 0, 32)); ecdsa_key.to_bytes(array_mut_ref!(plaintext, 0, 32));
version = ECDSA_CREDENTIAL_ID_VERSION; ECDSA_CREDENTIAL_ID_VERSION
} }
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
PrivateKey::Ed25519(keypair) => { PrivateKey::Ed25519(keypair) => {
plaintext[0..32].copy_from_slice(&keypair.secret.to_bytes()); plaintext[0..32].copy_from_slice(&keypair.secret.to_bytes());
version = ED25519_CREDENTIAL_ID_VERSION; ED25519_CREDENTIAL_ID_VERSION
} }
}; };
plaintext[32..64].copy_from_slice(application); plaintext[32..64].copy_from_slice(application);
@@ -329,19 +328,17 @@ pub fn decrypt_credential_source(
return Ok(None); return Ok(None);
} }
let algorithm; let (payload, algorithm) = if credential_id.len() == LEGACY_CREDENTIAL_ID_SIZE {
let payload = if credential_id.len() == LEGACY_CREDENTIAL_ID_SIZE { (&credential_id[..hmac_message_size], ES256_ALGORITHM)
algorithm = ES256_ALGORITHM;
&credential_id[..hmac_message_size]
} else { } else {
// Version number check // Version number check
match credential_id[0] { let algorithm = match credential_id[0] {
ECDSA_CREDENTIAL_ID_VERSION => algorithm = ES256_ALGORITHM, ECDSA_CREDENTIAL_ID_VERSION => ES256_ALGORITHM,
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
ED25519_CREDENTIAL_ID_VERSION => algorithm = EDDSA_ALGORITHM, ED25519_CREDENTIAL_ID_VERSION => EDDSA_ALGORITHM,
_ => return Ok(None), _ => return Ok(None),
} };
&credential_id[1..hmac_message_size] (&credential_id[1..hmac_message_size], algorithm)
}; };
if payload.len() != 80 { if payload.len() != 80 {
// We shouldn't have HMAC'ed anything of different length. The check is cheap though. // We shouldn't have HMAC'ed anything of different length. The check is cheap though.
@@ -354,15 +351,14 @@ pub fn decrypt_credential_source(
if rp_id_hash != &decrypted_id[32..] { if rp_id_hash != &decrypted_id[32..] {
return Ok(None); return Ok(None);
} }
let sk_option; let sk_option = match algorithm {
match algorithm { ES256_ALGORITHM => PrivateKey::new_ecdsa_from_bytes(&decrypted_id[..32]),
ES256_ALGORITHM => sk_option = PrivateKey::new_ecdsa_from_bytes(&decrypted_id[..32]),
#[cfg(feature = "ed25519")] #[cfg(feature = "ed25519")]
EDDSA_ALGORITHM => sk_option = PrivateKey::new_ed25519_from_bytes(&decrypted_id[..32]), EDDSA_ALGORITHM => PrivateKey::new_ed25519_from_bytes(&decrypted_id[..32]),
#[cfg(not(feature = "ed25519"))] #[cfg(not(feature = "ed25519"))]
EDDSA_ALGORITHM => return Ok(None), EDDSA_ALGORITHM => return Ok(None),
_ => return Ok(None), _ => return Ok(None),
} };
Ok(sk_option.map(|sk| PublicKeyCredentialSource { Ok(sk_option.map(|sk| PublicKeyCredentialSource {
key_type: PublicKeyCredentialType::PublicKey, key_type: PublicKeyCredentialType::PublicKey,