Dark-Alex-17/gman
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: Addressed XNonce::from_slice deprecation warning

Browse Source
This commit is contained in:
Alex Clarke
2026-02-01 14:48:37 -07:00
parent 21da7b782e
commit c95bae1761
4 changed files with 20 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/bin/gman/cli.rs
+2 -2
View File
@@ -1,8 +1,8 @@
use crate::command::preview_command; use crate::command::preview_command;
use anyhow::{Context, Result, anyhow}; use anyhow::{anyhow, Context, Result};
use clap_complete::CompletionCandidate; use clap_complete::CompletionCandidate;
use futures::future::join_all; use futures::future::join_all;
use gman::config::{Config, RunConfig, load_config}; use gman::config::{load_config, Config, RunConfig};
use log::{debug, error}; use log::{debug, error};
use regex::Regex; use regex::Regex;
use std::collections::HashMap; use std::collections::HashMap;
src/bin/gman/utils.rs
+1 -1
View File
@@ -1,5 +1,5 @@
use anyhow::{Context, Result}; use anyhow::{Context, Result};
use gman::config::{Config, get_config_file_path}; use gman::config::{get_config_file_path, Config};
use log::LevelFilter; use log::LevelFilter;
use log4rs::append::console::ConsoleAppender; use log4rs::append::console::ConsoleAppender;
use log4rs::append::file::FileAppender; use log4rs::append::file::FileAppender;
src/lib.rs
+8 -7
View File
@@ -61,7 +61,7 @@ fn derive_key(password: &SecretString, salt: &[u8]) -> Result<Key> {
.hash_password_into(password.expose_secret().as_bytes(), salt, &mut key_bytes) .hash_password_into(password.expose_secret().as_bytes(), salt, &mut key_bytes)
.map_err(|e| anyhow!("argon2 into error: {:?}", e))?; .map_err(|e| anyhow!("argon2 into error: {:?}", e))?;
let key = *Key::from_slice(&key_bytes); let key: Key = key_bytes.into();
key_bytes.zeroize(); key_bytes.zeroize();
Ok(key) Ok(key)
} }
@@ -93,11 +93,11 @@ pub fn encrypt_string(password: impl Into<SecretString>, plaintext: &str) -> Res
let aad = format!("{};{}", HEADER, VERSION); let aad = format!("{};{}", HEADER, VERSION);
let nonce = XNonce::from_slice(&nonce_bytes); let nonce: XNonce = nonce_bytes.into();
let mut pt = plaintext.as_bytes().to_vec(); let mut pt = plaintext.as_bytes().to_vec();
let ct = cipher let ct = cipher
.encrypt( .encrypt(
nonce, &nonce,
chacha20poly1305::aead::Payload { chacha20poly1305::aead::Payload {
msg: &pt, msg: &pt,
aad: aad.as_bytes(), aad: aad.as_bytes(),
@@ -179,7 +179,7 @@ pub fn decrypt_string(password: impl Into<SecretString>, envelope: &str) -> Resu
let ct_b64 = parts[6].strip_prefix("ct=").context("missing ct")?; let ct_b64 = parts[6].strip_prefix("ct=").context("missing ct")?;
let salt_bytes = B64.decode(salt_b64).context("bad salt b64")?; let salt_bytes = B64.decode(salt_b64).context("bad salt b64")?;
let mut nonce_bytes = B64.decode(nonce_b64).context("bad nonce b64")?; let nonce_bytes = B64.decode(nonce_b64).context("bad nonce b64")?;
let mut ct = B64.decode(ct_b64).context("bad ct b64")?; let mut ct = B64.decode(ct_b64).context("bad ct b64")?;
if nonce_bytes.len() != NONCE_LEN { if nonce_bytes.len() != NONCE_LEN {
@@ -191,10 +191,11 @@ pub fn decrypt_string(password: impl Into<SecretString>, envelope: &str) -> Resu
let cipher = XChaCha20Poly1305::new(&key); let cipher = XChaCha20Poly1305::new(&key);
let aad = format!("{};{}", HEADER, VERSION); let aad = format!("{};{}", HEADER, VERSION);
let nonce = XNonce::from_slice(&nonce_bytes); let mut nonce_arr: [u8; NONCE_LEN] = nonce_bytes.try_into().map_err(|_| anyhow!("invalid nonce length"))?;
let nonce: XNonce = nonce_arr.into();
let pt = cipher let pt = cipher
.decrypt( .decrypt(
nonce, &nonce,
chacha20poly1305::aead::Payload { chacha20poly1305::aead::Payload {
msg: &ct, msg: &ct,
aad: aad.as_bytes(), aad: aad.as_bytes(),
@@ -202,7 +203,7 @@ pub fn decrypt_string(password: impl Into<SecretString>, envelope: &str) -> Resu
) )
.map_err(|_| anyhow!("decryption failed (wrong password or corrupted data)"))?; .map_err(|_| anyhow!("decryption failed (wrong password or corrupted data)"))?;
nonce_bytes.zeroize(); nonce_arr.zeroize();
ct.zeroize(); ct.zeroize();
let s = String::from_utf8(pt).context("plaintext not valid UTF-8")?; let s = String::from_utf8(pt).context("plaintext not valid UTF-8")?;
src/providers/local.rs
+9 -8
View File
@@ -382,11 +382,11 @@ fn encrypt_string(password: &SecretString, plaintext: &str) -> Result<String> {
let cipher = XChaCha20Poly1305::new(&key); let cipher = XChaCha20Poly1305::new(&key);
let aad = format!("{};{}", HEADER, VERSION); let aad = format!("{};{}", HEADER, VERSION);
let nonce = XNonce::from_slice(&nonce_bytes); let nonce: XNonce = nonce_bytes.into();
let mut pt = plaintext.as_bytes().to_vec(); let mut pt = plaintext.as_bytes().to_vec();
let ct = cipher let ct = cipher
.encrypt( .encrypt(
nonce, &nonce,
chacha20poly1305::aead::Payload { chacha20poly1305::aead::Payload {
msg: &pt, msg: &pt,
aad: aad.as_bytes(), aad: aad.as_bytes(),
@@ -429,9 +429,9 @@ fn derive_key_with_params(
argon argon
.hash_password_into(password.expose_secret().as_bytes(), salt, &mut key_bytes) .hash_password_into(password.expose_secret().as_bytes(), salt, &mut key_bytes)
.map_err(|e| anyhow!("argon2 derive error: {:?}", e))?; .map_err(|e| anyhow!("argon2 derive error: {:?}", e))?;
let key: Key = key_bytes.into();
key_bytes.zeroize(); key_bytes.zeroize();
let key = Key::from_slice(&key_bytes); Ok(key)
Ok(*key)
} }
fn derive_key(password: &SecretString, salt: &[u8]) -> Result<Key> { fn derive_key(password: &SecretString, salt: &[u8]) -> Result<Key> {
@@ -481,7 +481,7 @@ fn decrypt_string(password: &SecretString, envelope: &str) -> Result<String> {
let ct_b64 = parts[6].strip_prefix("ct=").with_context(|| "missing ct")?; let ct_b64 = parts[6].strip_prefix("ct=").with_context(|| "missing ct")?;
let mut salt = B64.decode(salt_b64).with_context(|| "bad salt b64")?; let mut salt = B64.decode(salt_b64).with_context(|| "bad salt b64")?;
let mut nonce_bytes = B64.decode(nonce_b64).with_context(|| "bad nonce b64")?; let nonce_bytes = B64.decode(nonce_b64).with_context(|| "bad nonce b64")?;
let mut ct = B64.decode(ct_b64).with_context(|| "bad ct b64")?; let mut ct = B64.decode(ct_b64).with_context(|| "bad ct b64")?;
if salt.len() != SALT_LEN || nonce_bytes.len() != NONCE_LEN { if salt.len() != SALT_LEN || nonce_bytes.len() != NONCE_LEN {
@@ -496,11 +496,12 @@ fn decrypt_string(password: &SecretString, envelope: &str) -> Result<String> {
let key = derive_key_with_params(password, &salt, m, t, p)?; let key = derive_key_with_params(password, &salt, m, t, p)?;
let cipher = XChaCha20Poly1305::new(&key); let cipher = XChaCha20Poly1305::new(&key);
let aad = format!("{};{}", HEADER, VERSION); let aad = format!("{};{}", HEADER, VERSION);
let nonce = XNonce::from_slice(&nonce_bytes); let mut nonce_arr: [u8; NONCE_LEN] = nonce_bytes.try_into().map_err(|_| anyhow!("invalid nonce length"))?;
let nonce: XNonce = nonce_arr.into();
let pt = cipher let pt = cipher
.decrypt( .decrypt(
nonce, &nonce,
chacha20poly1305::aead::Payload { chacha20poly1305::aead::Payload {
msg: &ct, msg: &ct,
aad: aad.as_bytes(), aad: aad.as_bytes(),
@@ -509,7 +510,7 @@ fn decrypt_string(password: &SecretString, envelope: &str) -> Result<String> {
.map_err(|_| anyhow!("decryption failed (wrong password or corrupted data)"))?; .map_err(|_| anyhow!("decryption failed (wrong password or corrupted data)"))?;
salt.zeroize(); salt.zeroize();
nonce_bytes.zeroize(); nonce_arr.zeroize();
ct.zeroize(); ct.zeroize();
let s = String::from_utf8(pt).with_context(|| "plaintext not valid UTF-8")?; let s = String::from_utf8(pt).with_context(|| "plaintext not valid UTF-8")?;