feat! drop MAC passphrase, fix key derivation

Previously we were deriving a key that was of the wrong length for the aead crate. Now we make it the right length.
author: Lars Wirzenius <liw@liw.fi> 2021-05-29 11:39:31 +0300
committer: Lars Wirzenius <liw@liw.fi> 2021-05-29 15:20:23 +0300
commit: 426e6acb7129756aea295c01b56a902d655efa6d (patch)
tree: c999418f1ef4b4480ecc05f28e1d3f9492a372b9
parent: cc62aac1a3ebdb1bf48a6520d430ad80948bcd51 (diff)
download: obnam2-426e6acb7129756aea295c01b56a902d655efa6d.tar.gz
1 files changed, 10 insertions, 5 deletions
diff --git a/src/passwords.rs b/src/passwords.rs
index b8ca3f5..a1cf42e 100644
--- a/src/passwords.rs
+++ b/src/passwords.rs
@@ -8,18 +8,23 @@ use std::io::prelude::Write;
 use std::os::unix::fs::PermissionsExt;
 use std::path::{Path, PathBuf};
 
+const KEY_LEN: usize = 32; // Only size accepted by aead crate?
+
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct Passwords {
     encryption: String,
-    mac: String,
 }
 
 impl Passwords {
     pub fn new(passphrase: &str) -> Self {
-        Self {
-            encryption: derive_password(passphrase),
-            mac: derive_password(passphrase),
-        }
+        let mut key = derive_password(passphrase);
+        let _ = key.split_off(KEY_LEN);
+        assert_eq!(key.len(), KEY_LEN);
+        Self { encryption: key }
+    }
+
+    pub fn encryption_key(&self) -> &[u8] {
+        self.encryption.as_bytes()
     }
 
     pub fn load(filename: &Path) -> Result<Self, PasswordError> {
author	Lars Wirzenius <liw@liw.fi>	2021-05-29 11:39:31 +0300
committer	Lars Wirzenius <liw@liw.fi>	2021-05-29 15:20:23 +0300
commit	426e6acb7129756aea295c01b56a902d655efa6d (patch)
tree	c999418f1ef4b4480ecc05f28e1d3f9492a372b9
parent	cc62aac1a3ebdb1bf48a6520d430ad80948bcd51 (diff)
download	obnam2-426e6acb7129756aea295c01b56a902d655efa6d.tar.gz