Migrate to age-plugin 0.6
This commit is contained in:
Generated
+18
-7
@@ -29,8 +29,9 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "age-core"
|
||||
version = "0.10.0"
|
||||
source = "git+https://github.com/str4d/rage.git?rev=baf277a749c839e49f93bffb58d36734ac94be83#baf277a749c839e49f93bffb58d36734ac94be83"
|
||||
version = "0.11.0"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e2bf6a89c984ca9d850913ece2da39e1d200563b0a94b002b253beee4c5acf99"
|
||||
dependencies = [
|
||||
"base64 0.21.7",
|
||||
"chacha20poly1305",
|
||||
@@ -39,15 +40,16 @@ dependencies = [
|
||||
"io_tee",
|
||||
"nom",
|
||||
"rand",
|
||||
"secrecy",
|
||||
"secrecy 0.10.3",
|
||||
"sha2",
|
||||
"tempfile",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "age-plugin"
|
||||
version = "0.5.0"
|
||||
source = "git+https://github.com/str4d/rage.git?rev=baf277a749c839e49f93bffb58d36734ac94be83#baf277a749c839e49f93bffb58d36734ac94be83"
|
||||
version = "0.6.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "f8a31f37914cf72cf36a1cd8ea9f24e5df20899e9348dd3d1c8273f4420ce493"
|
||||
dependencies = [
|
||||
"age-core",
|
||||
"base64 0.21.7",
|
||||
@@ -1018,7 +1020,7 @@ dependencies = [
|
||||
"httpdate",
|
||||
"itoa",
|
||||
"pin-project-lite",
|
||||
"socket2 0.4.10",
|
||||
"socket2 0.5.7",
|
||||
"tokio",
|
||||
"tower-service",
|
||||
"tracing",
|
||||
@@ -2076,6 +2078,15 @@ dependencies = [
|
||||
"zeroize",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "secrecy"
|
||||
version = "0.10.3"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
checksum = "e891af845473308773346dc847b2c23ee78fe442e0472ac50e22a18a93d3ae5a"
|
||||
dependencies = [
|
||||
"zeroize",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "security-framework"
|
||||
version = "2.11.1"
|
||||
@@ -3026,7 +3037,7 @@ dependencies = [
|
||||
"pcsc",
|
||||
"rand_core",
|
||||
"rsa",
|
||||
"secrecy",
|
||||
"secrecy 0.8.0",
|
||||
"sha1",
|
||||
"sha2",
|
||||
"subtle",
|
||||
|
||||
+2
-6
@@ -22,8 +22,8 @@ assets = [
|
||||
]
|
||||
|
||||
[dependencies]
|
||||
age-core = "0.10"
|
||||
age-plugin = "0.5"
|
||||
age-core = "0.11"
|
||||
age-plugin = "0.6"
|
||||
base64 = "0.21"
|
||||
bech32 = "0.9"
|
||||
console = { version = "0.15", default-features = false }
|
||||
@@ -56,7 +56,3 @@ man = "0.3"
|
||||
tempfile = "3"
|
||||
test-with = "0.11"
|
||||
which = "5"
|
||||
|
||||
[patch.crates-io]
|
||||
age-core = { git = "https://github.com/str4d/rage.git", rev = "baf277a749c839e49f93bffb58d36734ac94be83" }
|
||||
age-plugin = { git = "https://github.com/str4d/rage.git", rev = "baf277a749c839e49f93bffb58d36734ac94be83" }
|
||||
|
||||
+10
-8
@@ -3,7 +3,7 @@
|
||||
use age_core::{
|
||||
format::{FileKey, FILE_KEY_BYTES},
|
||||
primitives::{aead_decrypt, hkdf},
|
||||
secrecy::{ExposeSecret, SecretString},
|
||||
secrecy::{zeroize::Zeroize, ExposeSecret, SecretString},
|
||||
};
|
||||
use age_plugin::{identity, Callbacks};
|
||||
use bech32::{ToBase32, Variant};
|
||||
@@ -332,7 +332,7 @@ pub(crate) fn manage(yubikey: &mut YubiKey) -> Result<(), Error> {
|
||||
.with_prompt(fl!("mgr-choose-new-pin"))
|
||||
.with_confirmation(fl!("mgr-repeat-new-pin"), fl!("mgr-pin-mismatch"))
|
||||
.interact()
|
||||
.map(|pin| Result::<_, Infallible>::Ok(SecretString::new(pin)))
|
||||
.map(|pin| Result::<_, Infallible>::Ok(SecretString::from(pin)))
|
||||
},
|
||||
yubikey.serial(),
|
||||
)?
|
||||
@@ -747,12 +747,14 @@ impl Connection {
|
||||
|
||||
// A failure to decrypt is fatal, because we assume that we won't
|
||||
// encounter 32-bit collisions on the key tag embedded in the header.
|
||||
match aead_decrypt(&enc_key, FILE_KEY_BYTES, &line.encrypted_file_key) {
|
||||
Ok(pt) => Ok(TryInto::<[u8; FILE_KEY_BYTES]>::try_into(&pt[..])
|
||||
.unwrap()
|
||||
.into()),
|
||||
Err(_) => Err(()),
|
||||
}
|
||||
aead_decrypt(&enc_key, FILE_KEY_BYTES, &line.encrypted_file_key)
|
||||
.map_err(|_| ())
|
||||
.map(|mut pt| {
|
||||
FileKey::init_with_mut(|file_key| {
|
||||
file_key.copy_from_slice(&pt);
|
||||
pt.zeroize();
|
||||
})
|
||||
})
|
||||
}
|
||||
|
||||
/// Close this connection without resetting the YubiKey.
|
||||
|
||||
Reference in New Issue
Block a user