-
Notifications
You must be signed in to change notification settings - Fork 57
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* snapshot migration: v2->v3 (age) * cargo: update crypto.rs dependency * snapshot tests: updated test vectors * Derive Display for Error * Fix warnings * snapshot: fail on associated data * snapshot error * snapshot: v2 + wallet + identity + refactor * snapshot: v2 generalize value ctor + CryptoError * snapshot: v2 factor out wallet/identity * Split into module files * Visibility and warnings * publicly export error * Fmt * Bump crypto.rs * snapshot age: update to crypto-0.16 * snapshot age: 0 work_factor for strong keys * Remove redundant mod * Clippy * Add missing license headers * refactor + security comments * bump crypto-0.17.0 * snapshot errors * runtime: xor_mut * keyprovider: ctors cleanup * zeroizing * Zeroizing * more Zeroizing * deprecate NCM::refresh * age release work factor * fmt * nits * unsafe rewritten * cleanup * KeyProvider deperecated notes added * undeprecate NCM::refresh * fix build errors * nits * clippy + silenced warnings * license new lines * get_guards simplify * deref, do not clone * removed test migrate tool * changes * reexport engine from client * cargo: iota-crypto 0.18.0 * fmt + clippy * snapshot: removed unused empty associated data * associated data + changelog * lower case in deprecated messages * nits + fmt * error message: lower case * error messages * bump iota-crypto-0.20.0 * error message * slip10 update * deprecated removed * changelog: typo * better changelog message * fmt * removed unused allow deprecated * typo * removed irrelevant comment * changes packages * NCM better names --------- Co-authored-by: Thibault Martinez <thibault@iota.org>
- Loading branch information
1 parent
0fabace
commit 1e72f00
Showing
58 changed files
with
932 additions
and
716 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
--- | ||
|
||
"iota-stronghold": minor | ||
"stronghold-engine" : minor | ||
"stronghold-runtime" : minor | ||
|
||
--- | ||
|
||
Upgraded snapshot format to age-encryption.org/v1 with password-based recipient stanza. This resolves the issue with the previous snapshot format encryption being insecure if used with weak passwords. Snapshot encryption doesn't use associated data. | ||
Added sensitive data zeroization which would otherwise leak in stack and heap memory in plaintext after use. | ||
`KeyProvider` unsafe constructors `with_passphrase_truncated`, `with_passphrase_hashed_argon2` were removed, `with_passphrase_hashed` constructor should be used instead. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,13 @@ | ||
// Copyright 2020-2022 IOTA Stiftung | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
use crypto::hashes::{blake2b::Blake2b256, Digest}; | ||
use zeroize::Zeroizing; | ||
|
||
pub fn hash_blake2b(input: String) -> Vec<u8> { | ||
pub fn hash_blake2b(input: String) -> Zeroizing<Vec<u8>> { | ||
let mut hasher = Blake2b256::new(); | ||
hasher.update(input.as_bytes()); | ||
hasher.finalize().to_vec() | ||
let mut hash = Zeroizing::new(vec![0_u8; Blake2b256::output_size()]); | ||
hasher.finalize_into((&mut hash[..]).into()); | ||
hash | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,6 @@ | ||
// Copyright 2020-2021 IOTA Stiftung | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
#![no_main] | ||
|
||
fuzz_target!(|data: &[u8]| {}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.