Mirrors/chatmail-core
1
0
Fork 0
mirror of https://github.com/chatmail/core.git synced 2026-05-08 09:26:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

refactor(pgp): add constants for encryption algorithm and hash

Browse Source 
These constants are current defaults in `pgp` crate,
this change would prevent accidental change due to rPGP upgrade
and make it easier to change in a single place.
This commit is contained in:
link2xt
2023-09-11 17:22:25 +00:00
committed by holger krekel
parent 9bd7ab7280
commit 68c95dee17
1 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/pgp.rs
View File

@@ -30,6 +30,12 @@ pub(crate) const HEADER_AUTOCRYPT: &str = "autocrypt-prefer-encrypt";
#[allow(missing_docs)] #[allow(missing_docs)]
pub const HEADER_SETUPCODE: &str = "passphrase-begin"; pub const HEADER_SETUPCODE: &str = "passphrase-begin";
/// Preferred symmetric encryption algorithm.
const SYMMETRIC_KEY_ALGORITHM: SymmetricKeyAlgorithm = SymmetricKeyAlgorithm::AES128;
/// Preferred cryptographic hash.
const HASH_ALGORITHM: HashAlgorithm = HashAlgorithm::SHA2_256;
/// A wrapper for rPGP public key types /// A wrapper for rPGP public key types
#[derive(Debug)] #[derive(Debug)]
enum SignedPublicKeyOrSubkey<'a> { enum SignedPublicKeyOrSubkey<'a> {
@@ -249,11 +255,13 @@ pub async fn pk_encrypt(
// TODO: measure time // TODO: measure time
let encrypted_msg = if let Some(ref skey) = private_key_for_signing { let encrypted_msg = if let Some(ref skey) = private_key_for_signing {
lit_msg lit_msg
.sign(skey, || "".into(), Default::default()) .sign(skey, || "".into(), HASH_ALGORITHM)
.and_then(|msg| msg.compress(CompressionAlgorithm::ZLIB)) .and_then(|msg| msg.compress(CompressionAlgorithm::ZLIB))
.and_then(|msg| msg.encrypt_to_keys(&mut rng, Default::default(), &pkeys_refs)) .and_then(|msg| {
msg.encrypt_to_keys(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)
})
} else { } else {
lit_msg.encrypt_to_keys(&mut rng, Default::default(), &pkeys_refs) lit_msg.encrypt_to_keys(&mut rng, SYMMETRIC_KEY_ALGORITHM, &pkeys_refs)
}; };
let msg = encrypted_msg?; let msg = encrypted_msg?;
@@ -272,7 +280,7 @@ pub fn pk_calc_signature(
let msg = Message::new_literal_bytes("", plain).sign( let msg = Message::new_literal_bytes("", plain).sign(
private_key_for_signing, private_key_for_signing,
|| "".into(), || "".into(),
Default::default(), HASH_ALGORITHM,
)?; )?;
let signature = msg.into_signature().to_armored_string(None)?; let signature = msg.into_signature().to_armored_string(None)?;
Ok(signature) Ok(signature)
@@ -369,7 +377,7 @@ pub async fn symm_encrypt(passphrase: &str, plain: &[u8]) -> Result<String> {
let mut rng = thread_rng(); let mut rng = thread_rng();
let s2k = StringToKey::new_default(&mut rng); let s2k = StringToKey::new_default(&mut rng);
let msg = let msg =
lit_msg.encrypt_with_password(&mut rng, s2k, Default::default(), || passphrase)?; lit_msg.encrypt_with_password(&mut rng, s2k, SYMMETRIC_KEY_ALGORITHM, || passphrase)?;
let encoded_msg = msg.to_armored_string(None)?; let encoded_msg = msg.to_armored_string(None)?;