@@ -34,20 +34,21 @@ fn normalize(pass: &[u8]) -> Vec<u8> {
3434}
3535
3636fn hi ( str : & [ u8 ] , salt : & [ u8 ] , i : u32 ) -> GenericArray < u8 , U32 > {
37- let mut hmac = Hmac :: < Sha256 > :: new ( str) ;
37+ let mut hmac = Hmac :: < Sha256 > :: new ( str)
38+ . expect ( "HMAC is able to accept all key sizes" ) ;
3839 hmac. input ( salt) ;
3940 hmac. input ( & [ 0 , 0 , 0 , 1 ] ) ;
40- let mut prev = hmac. result ( ) ;
41+ let mut prev = hmac. result ( ) . code ( ) ;
4142
42- let mut hi = GenericArray :: < u8 , U32 > :: clone_from_slice ( prev. code ( ) ) ;
43+ let mut hi = GenericArray :: < u8 , U32 > :: clone_from_slice ( & prev) ;
4344
4445 for _ in 1 ..i {
45- let mut hmac = Hmac :: < Sha256 > :: new ( str) ;
46- hmac. input ( prev. code ( ) ) ;
47- prev = hmac. result ( ) ;
46+ let mut hmac = Hmac :: < Sha256 > :: new ( str) . expect ( "already checked above" ) ;
47+ hmac. input ( prev. as_slice ( ) ) ;
48+ prev = hmac. result ( ) . code ( ) ;
4849
49- for ( hi, prev) in hi. iter_mut ( ) . zip ( prev. code ( ) ) {
50- * hi ^= * prev;
50+ for ( hi, prev) in hi. iter_mut ( ) . zip ( prev) {
51+ * hi ^= prev;
5152 }
5253 }
5354
@@ -150,26 +151,28 @@ impl ScramSha256 {
150151
151152 let salted_password = hi ( & password, & salt, parsed. iteration_count ) ;
152153
153- let mut hmac = Hmac :: < Sha256 > :: new ( & salted_password) ;
154+ let mut hmac = Hmac :: < Sha256 > :: new ( & salted_password)
155+ . expect ( "HMAC is able to accept all key sizes" ) ;
154156 hmac. input ( b"Client Key" ) ;
155- let client_key = hmac. result ( ) ;
157+ let client_key = hmac. result ( ) . code ( ) ;
156158
157159 let mut hash = Sha256 :: default ( ) ;
158- hash. input ( client_key. code ( ) ) ;
160+ hash. input ( client_key. as_slice ( ) ) ;
159161 let stored_key = hash. result ( ) ;
160162
161163 self . message . clear ( ) ;
162164 write ! ( & mut self . message, "c=biws,r={}" , parsed. nonce) . unwrap ( ) ;
163165
164166 let auth_message = format ! ( "n=,r={},{},{}" , client_nonce, message, self . message) ;
165167
166- let mut hmac = Hmac :: < Sha256 > :: new ( & stored_key) ;
168+ let mut hmac = Hmac :: < Sha256 > :: new ( & stored_key)
169+ . expect ( "HMAC is able to accept all key sizes" ) ;
167170 hmac. input ( auth_message. as_bytes ( ) ) ;
168171 let client_signature = hmac. result ( ) ;
169172
170- let mut client_proof = GenericArray :: < u8 , U32 > :: clone_from_slice ( client_key. code ( ) ) ;
173+ let mut client_proof = GenericArray :: < u8 , U32 > :: clone_from_slice ( & client_key) ;
171174 for ( proof, signature) in client_proof. iter_mut ( ) . zip ( client_signature. code ( ) ) {
172- * proof ^= * signature;
175+ * proof ^= signature;
173176 }
174177
175178 write ! ( & mut self . message, ",p={}" , base64:: encode( & * client_proof) ) . unwrap ( ) ;
@@ -215,20 +218,18 @@ impl ScramSha256 {
215218 Err ( e) => return Err ( io:: Error :: new ( io:: ErrorKind :: InvalidInput , e) ) ,
216219 } ;
217220
218- let mut hmac = Hmac :: < Sha256 > :: new ( & salted_password) ;
221+ let mut hmac = Hmac :: < Sha256 > :: new ( & salted_password)
222+ . expect ( "HMAC is able to accept all key sizes" ) ;
219223 hmac. input ( b"Server Key" ) ;
220224 let server_key = hmac. result ( ) ;
221225
222- let mut hmac = Hmac :: < Sha256 > :: new ( server_key. code ( ) ) ;
226+ let mut hmac = Hmac :: < Sha256 > :: new ( & server_key. code ( ) )
227+ . expect ( "HMAC is able to accept all key sizes" ) ;
223228 hmac. input ( auth_message. as_bytes ( ) ) ;
224- if hmac. verify ( & verifier) {
225- Ok ( ( ) )
226- } else {
227- Err ( io:: Error :: new (
228- io:: ErrorKind :: InvalidInput ,
229- "SCRAM verification error" ,
230- ) )
231- }
229+ hmac. verify ( & verifier) . map_err ( |_| io:: Error :: new (
230+ io:: ErrorKind :: InvalidInput ,
231+ "SCRAM verification error" ,
232+ ) )
232233 }
233234}
234235
0 commit comments