Merge pull request #144 from rustfs/iam-sys-3

add default-feature for crypto crate
weisd
2024-12-03 11:45:47 +08:00
committed by GitHub
3 changed files with 20 additions and 4 deletions


@@ -13,7 +13,7 @@ cfg-if = "1.0.0"
chacha20poly1305 = { version = "0.10.1", optional = true }
jsonwebtoken = "9.3.0"
pbkdf2 = { version = "0.12.2", optional = true }
rand.workspace = true
rand = { workspace = true, optional = true }
sha2 = "0.10.8"
thiserror.workspace = true
serde_json.workspace = true
@@ -25,8 +25,14 @@ time.workspace = true
[features]
fips = []
crypto = ["dep:aes-gcm", "dep:argon2", "dep:chacha20poly1305", "dep:pbkdf2"]
# default = ["crypto", "fips"]
crypto = [
"dep:aes-gcm",
"dep:argon2",
"dep:chacha20poly1305",
"dep:pbkdf2",
"dep:rand",
]
default = ["crypto", "fips"]
[lints.clippy]
unwrap_used = "deny"
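Review bot: Making `rand` optional and enabling it only through `crypto` leaves the `#[cfg(any(test, feature = "crypto"))]` gates in the encrypt and decrypt files wider than the dependency set. Under `cargo test --no-default-features` the `test` arm still compiles code that names `rand`, `aes_gcm` and `chacha20poly1305`, and those crates are absent unless `[dev-dependencies]` (not visible on this page) lists them. Either mirror the optional crates in `[dev-dependencies]` or narrow the gates to `#[cfg(feature = "crypto")]`. Separately, `default = ["crypto", "fips"]` switches `fips` on for every consumer that keeps default features, so a comment above `fips = []` stating what the flag selects would let downstream users decide whether to opt out.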


@@ -1,6 +1,7 @@
#[cfg(any(test, feature = "crypto"))]
pub fn decrypt_data(password: &[u8], data: &[u8]) -> Result<Vec<u8>, crate::Error> {
use crate::encdec::id::ID;
use crate::error::Error;
use aes_gcm::{Aes256Gcm, KeyInit as _};
use chacha20poly1305::ChaCha20Poly1305;
@@ -30,6 +31,7 @@ pub fn decrypt_data(password: &[u8], data: &[u8]) -> Result<Vec<u8>, crate::Erro
#[cfg(any(test, feature = "crypto"))]
#[inline]
fn decryp<T: aes_gcm::aead::Aead>(stream: T, nonce: &[u8], data: &[u8]) -> Result<Vec<u8>, crate::Error> {
use crate::error::Error;
stream
.decrypt(aes_gcm::Nonce::from_slice(nonce), data)
.map_err(Error::ErrDecryptFailed)
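Review bot: `aes_gcm::Nonce::from_slice(nonce)` in `decryp` panics when `nonce.len()` differs from the cipher's nonce size, a panic path that the crate's `unwrap_used = "deny"` lint does not catch. The code in `decrypt_data` that slices `nonce` out of `data` lies between the two hunks and is not shown, so I can't confirm the length is fixed before this call. If it is taken from the input blob, a truncated or malformed blob should come back as `Err(Error::ErrDecryptFailed(..))` instead of aborting the caller. A length check ahead of `from_slice`, plus a `///` on `decryp` stating the required nonce length, would make the precondition explicit. The body of `decryp` closes outside the hunk.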


@@ -3,6 +3,7 @@ pub fn encrypt_data(password: &[u8], data: &[u8]) -> Result<Vec<u8>, crate::Erro
use crate::encdec::id::ID;
use aes_gcm::Aes256Gcm;
use aes_gcm::KeyInit as _;
use rand::random;
let salt: [u8; 32] = random();
@@ -34,7 +35,14 @@ pub fn encrypt_data(password: &[u8], data: &[u8]) -> Result<Vec<u8>, crate::Erro
}
#[cfg(any(test, feature = "crypto"))]
fn encrypt<T: aes_gcm::aead::Aead>(stream: T, salt: &[u8], id: ID, data: &[u8]) -> Result<Vec<u8>, crate::Error> {
fn encrypt<T: aes_gcm::aead::Aead>(
stream: T,
salt: &[u8],
id: crate::encdec::id::ID,
data: &[u8],
) -> Result<Vec<u8>, crate::Error> {
use crate::error::Error;
let nonce = T::generate_nonce(rand::thread_rng());
let encryptor = stream.encrypt(&nonce, data).map_err(Error::ErrEncryptFailed)?;