crypto: Correctly generate a random nonce for pickling of the signing objects.

Damir Jelić 2020-10-21 12:55:45 +02:00
parent 7cab7cadc9
commit 6a7da5a8b6


@ -19,6 +19,7 @@ use aes_gcm::{
Aes256Gcm,
};
use base64::{decode_config, encode_config, DecodeError, URL_SAFE_NO_PAD};
use getrandom::getrandom;
use serde::{Deserialize, Serialize};
use std::{
collections::BTreeMap,
@ -42,6 +43,8 @@ use crate::{
requests::UploadSigningKeysRequest,
};
const NONCE_SIZE: usize = 12;
fn encode<T: AsRef<[u8]>>(input: T) -> String {
encode_config(input, URL_SAFE_NO_PAD)
}
@ -276,7 +279,11 @@ impl Signing {
async fn pickle(&self, pickle_key: &[u8]) -> PickledSigning {
let key = GenericArray::from_slice(pickle_key);
let cipher = Aes256Gcm::new(key);
let nonce = GenericArray::from_slice(b"unique nonce");
let mut nonce = vec![0u8; NONCE_SIZE];
getrandom(&mut nonce).expect("Can't generate nonce to pickle the signing object");
let nonce = GenericArray::from_slice(nonce.as_slice());
let ciphertext = cipher
.encrypt(nonce, self.seed.as_slice())
.expect("Can't encrypt signing pickle");
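Review bot: The fresh nonce filled at `let mut nonce = vec![0u8; NONCE_SIZE];` now has to travel with the ciphertext, because the fixed `b"unique nonce"` it replaces is gone; the hunk does not show the nonce being stored in the returned `PickledSigning` or the unpickle side reading it back instead of the old constant, so that part of the change should be confirmed (the body of `pickle` continues past the hunk). A random 96-bit nonce per pickle is the right choice for AES-GCM, and a comment on the `getrandom` line such as `// GCM nonces must never repeat under the same key, so draw a fresh one for every pickle` would record why the constant was dropped. The buffer needs no heap allocation: `let mut nonce = [0u8; NONCE_SIZE];` with `GenericArray::from_slice(&nonce)` behaves the same. The new `NONCE_SIZE` constant in the second hunk would read better with `/// Length in bytes of the AES-GCM nonce (96 bits).` above it.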