Switch to threadrng and clean up imports
quexten committed Nov 22, 2024
1 parent 0b9ee40 commit b048502
Showing 1 changed file with 15 additions and 14 deletions.
29 changes: 15 additions & 14 deletions crates/bitwarden-ssh/src/lib.rs
@@ -1,6 +1,5 @@
use rand::SeedableRng;
use rand_chacha::ChaCha8Rng;
use ssh_key::{Algorithm, HashAlg, LineEnding};
use error::KeyGenerationError;
use ssh_key::{rand_core::CryptoRngCore, Algorithm, HashAlg, LineEnding};

pub mod error;
pub mod models;
Expand All @@ -14,10 +13,14 @@ pub enum KeyAlgorithm {
pub fn generate_keypair(
key_algorithm: KeyAlgorithm,
) -> Result<models::SshKey, error::KeyGenerationError> {
// sourced from cryptographically secure entropy source, with sources for all targets: https://docs.rs/getrandom
// if it cannot be securely sourced, this will panic instead of leading to a weak key
let mut rng: ChaCha8Rng = ChaCha8Rng::from_entropy();
let rng = rand::thread_rng();
generate_keypair_internal(key_algorithm, rng)
}

Check warning on line 18 in crates/bitwarden-ssh/src/lib.rs

Codecov / codecov/patch

crates/bitwarden-ssh/src/lib.rs#L13-L18

Added lines #L13 - L18 were not covered by tests

fn generate_keypair_internal(
key_algorithm: KeyAlgorithm,
mut rng: impl CryptoRngCore,
) -> Result<models::SshKey, error::KeyGenerationError> {
let key = match key_algorithm {
KeyAlgorithm::Ed25519 => ssh_key::PrivateKey::random(&mut rng, Algorithm::Ed25519),

Check warning on line 25 in crates/bitwarden-ssh/src/lib.rs

Codecov / codecov/patch

crates/bitwarden-ssh/src/lib.rs#L20-L25

Added lines #L20 - L25 were not covered by tests
KeyAlgorithm::Rsa3072 | KeyAlgorithm::Rsa4096 => {
Expand All @@ -28,21 +31,19 @@ pub fn generate_keypair(
};

let rsa_keypair = ssh_key::private::RsaKeypair::random(&mut rng, bits)
.map_err(|e| error::KeyGenerationError::KeyGenerationError(e.to_string()))?;
.map_err(|e| KeyGenerationError::KeyGenerationError(e.to_string()))?;

Check warning on line 34 in crates/bitwarden-ssh/src/lib.rs

Codecov / codecov/patch

crates/bitwarden-ssh/src/lib.rs#L33-L34

Added lines #L33 - L34 were not covered by tests

let private_key = ssh_key::PrivateKey::new(
ssh_key::private::KeypairData::from(rsa_keypair),
"".to_string(),
)
.map_err(|e| error::KeyGenerationError::KeyGenerationError(e.to_string()))?;
let private_key =
ssh_key::PrivateKey::new(ssh_key::private::KeypairData::from(rsa_keypair), "")
.map_err(|e| KeyGenerationError::KeyGenerationError(e.to_string()))?;
Ok(private_key)

Check warning on line 39 in crates/bitwarden-ssh/src/lib.rs

Codecov / codecov/patch

crates/bitwarden-ssh/src/lib.rs#L36-L39

Added lines #L36 - L39 were not covered by tests
}
}
.map_err(|e| error::KeyGenerationError::KeyGenerationError(e.to_string()))?;
.map_err(|e| KeyGenerationError::KeyGenerationError(e.to_string()))?;

Check warning on line 42 in crates/bitwarden-ssh/src/lib.rs

Codecov / codecov/patch

crates/bitwarden-ssh/src/lib.rs#L42

Added line #L42 was not covered by tests

let private_key_openssh = key
.to_openssh(LineEnding::LF)
.map_err(|e| error::KeyGenerationError::KeyConversionError(e.to_string()))?;
.map_err(|e| KeyGenerationError::KeyConversionError(e.to_string()))?;
Ok(models::SshKey {
private_key: private_key_openssh.to_string(),
public_key: key.public_key().to_string(),
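Review bot: The new body of `generate_keypair` no longer documents where the key material's randomness comes from: the two comments about the entropy source and about panicking rather than producing a weak key were dropped together with `ChaCha8Rng::from_entropy()`, and nothing replaces them above `let rng = rand::thread_rng();`. I would restate that guarantee for the new generator, e.g. `// ThreadRng is a CSPRNG seeded from the OS entropy source; if it cannot be seeded it panics instead of producing a weak key`, after confirming it against the `rand` version this crate pins. `generate_keypair_internal` now accepts any `impl CryptoRngCore`, and that marker bound does not exclude a fixed-seed generator, so it deserves a short doc comment saying it must stay private and that only tests may pass anything other than the RNG chosen in `generate_keypair`. The Codecov annotations on this section report the added lines as uncovered; a test that drives `generate_keypair_internal` with a fixed-seed RNG for each `KeyAlgorithm` would cover them. The end of `generate_keypair_internal` lies outside the visible hunk.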