diff options
Diffstat (limited to 'src/crypto.rs')
| -rw-r--r-- | src/crypto.rs | 24 |
1 files changed, 14 insertions, 10 deletions
diff --git a/src/crypto.rs b/src/crypto.rs index 7fba9cd..4413663 100644 --- a/src/crypto.rs +++ b/src/crypto.rs @@ -17,7 +17,7 @@ use sha2::Sha256; use crate::{ serde::as_hex, - types::{AccountResetID, KeyFetchID, PasswordChangeID, SessionID}, + types::{AccountResetID, HawkKey, KeyFetchID, PasswordChangeID, SessionID}, }; const NAMESPACE: &[u8] = b"identity.mozilla.com/picl/v1/"; @@ -191,13 +191,13 @@ impl SessionToken { pub(crate) struct SessionCredentials { pub token_id: SessionID, - pub req_hmac_key: SecretBytes<32>, + pub req_hmac_key: HawkKey, } impl SessionCredentials { pub fn derive_from(seed: &SessionToken) -> Self { let (token_id, req_hmac_key) = from_hkdf(&seed.0, &[NAMESPACE, b"sessionToken"]); - Self { token_id: SessionID(token_id), req_hmac_key } + Self { token_id: SessionID(token_id), req_hmac_key: HawkKey(req_hmac_key) } } } @@ -218,7 +218,7 @@ impl KeyFetchToken { pub(crate) struct KeyFetchReq { pub token_id: KeyFetchID, - pub req_hmac_key: SecretBytes<32>, + pub req_hmac_key: HawkKey, key_request_key: SecretBytes<32>, } @@ -226,7 +226,11 @@ impl KeyFetchReq { pub fn derive_from(key_fetch_token: &KeyFetchToken) -> Self { let (token_id, (req_hmac_key, key_request_key)) = from_hkdf(&key_fetch_token.0, &[NAMESPACE, b"keyFetchToken"]); - Self { token_id: KeyFetchID(token_id), req_hmac_key, key_request_key } + Self { + token_id: KeyFetchID(token_id), + req_hmac_key: HawkKey(req_hmac_key), + key_request_key, + } } pub fn derive_resp(&self) -> KeyFetchResp { @@ -298,18 +302,18 @@ impl PasswordChangeToken { pub(crate) struct PasswordChangeReq { pub token_id: PasswordChangeID, - pub req_hmac_key: SecretBytes<32>, + pub req_hmac_key: HawkKey, } impl PasswordChangeReq { pub fn derive_from_change_token(token: &PasswordChangeToken) -> Self { let (token_id, req_hmac_key) = from_hkdf(&token.0, &[NAMESPACE, b"passwordChangeToken"]); - Self { token_id: PasswordChangeID(token_id), req_hmac_key } + Self { token_id: PasswordChangeID(token_id), req_hmac_key: HawkKey(req_hmac_key) } } pub fn derive_from_forgot_token(token: &PasswordChangeToken) -> Self { let (token_id, req_hmac_key) = from_hkdf(&token.0, &[NAMESPACE, b"passwordForgotToken"]); - Self { token_id: PasswordChangeID(token_id), req_hmac_key } + Self { token_id: PasswordChangeID(token_id), req_hmac_key: HawkKey(req_hmac_key) } } } @@ -330,13 +334,13 @@ impl AccountResetToken { pub(crate) struct AccountResetReq { pub token_id: AccountResetID, - pub req_hmac_key: SecretBytes<32>, + pub req_hmac_key: HawkKey, } impl AccountResetReq { pub fn derive_from(token: &AccountResetToken) -> Self { let (token_id, req_hmac_key) = from_hkdf(&token.0, &[NAMESPACE, b"accountResetToken"]); - Self { token_id: AccountResetID(token_id), req_hmac_key } + Self { token_id: AccountResetID(token_id), req_hmac_key: HawkKey(req_hmac_key) } } } |