Dark-Alex-17/gman
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Addressed XNonce::from_slice deprecation warning

Browse Source
This commit is contained in:
Alex Clarke
2026-02-01 14:48:37 -07:00
parent 21da7b782e
commit c95bae1761
4 changed files with 20 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/providers/local.rs
+9 -8
View File
@@ -382,11 +382,11 @@ fn encrypt_string(password: &SecretString, plaintext: &str) -> Result<String> {
let cipher = XChaCha20Poly1305::new(&key);
let aad = format!("{};{}", HEADER, VERSION);
let nonce = XNonce::from_slice(&nonce_bytes);
let nonce: XNonce = nonce_bytes.into();
let mut pt = plaintext.as_bytes().to_vec();
let ct = cipher
.encrypt(
nonce,
&nonce,
chacha20poly1305::aead::Payload {
msg: &pt,
aad: aad.as_bytes(),
@@ -429,9 +429,9 @@ fn derive_key_with_params(
argon
.hash_password_into(password.expose_secret().as_bytes(), salt, &mut key_bytes)
.map_err(|e| anyhow!("argon2 derive error: {:?}", e))?;
let key: Key = key_bytes.into();
key_bytes.zeroize();
let key = Key::from_slice(&key_bytes);
Ok(*key)
Ok(key)
}
fn derive_key(password: &SecretString, salt: &[u8]) -> Result<Key> {
@@ -481,7 +481,7 @@ fn decrypt_string(password: &SecretString, envelope: &str) -> Result<String> {
let ct_b64 = parts[6].strip_prefix("ct=").with_context(|| "missing ct")?;
let mut salt = B64.decode(salt_b64).with_context(|| "bad salt b64")?;
let mut nonce_bytes = B64.decode(nonce_b64).with_context(|| "bad nonce b64")?;
let nonce_bytes = B64.decode(nonce_b64).with_context(|| "bad nonce b64")?;
let mut ct = B64.decode(ct_b64).with_context(|| "bad ct b64")?;
if salt.len() != SALT_LEN || nonce_bytes.len() != NONCE_LEN {
@@ -496,11 +496,12 @@ fn decrypt_string(password: &SecretString, envelope: &str) -> Result<String> {
let key = derive_key_with_params(password, &salt, m, t, p)?;
let cipher = XChaCha20Poly1305::new(&key);
let aad = format!("{};{}", HEADER, VERSION);
let nonce = XNonce::from_slice(&nonce_bytes);
let mut nonce_arr: [u8; NONCE_LEN] = nonce_bytes.try_into().map_err(|_| anyhow!("invalid nonce length"))?;
let nonce: XNonce = nonce_arr.into();
let pt = cipher
.decrypt(
nonce,
&nonce,
chacha20poly1305::aead::Payload {
msg: &ct,
aad: aad.as_bytes(),
@@ -509,7 +510,7 @@ fn decrypt_string(password: &SecretString, envelope: &str) -> Result<String> {
.map_err(|_| anyhow!("decryption failed (wrong password or corrupted data)"))?;
salt.zeroize();
nonce_bytes.zeroize();
nonce_arr.zeroize();
ct.zeroize();
let s = String::from_utf8(pt).with_context(|| "plaintext not valid UTF-8")?;