Begin to remove openssl dependency

2025-11-26 19:25:44 +08:00 · 2025-11-17 23:48:53 -06:00
parent 76c870547c
commit 8da6938fb3
3 changed files with 68 additions and 24 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -206,6 +206,17 @@ version = "1.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "aae1277d39aeec15cb388266ecc24b11c80469deae6067e17a1a7aa9e5c1f234"
 [[package]]
 name = "aes"
 version = "0.8.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0"
 dependencies = [
 "cfg-if",
 "cipher",
 "cpufeatures",
 ]
 [[package]]
 name = "ahash"
 version = "0.8.11"
@@ -367,6 +378,15 @@ dependencies = [
 "generic-array",
 ]
 [[package]]
 name = "block-padding"
 version = "0.3.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a8894febbff9f758034a5b8e12d87918f56dfc64a8e1fe757d65e29041538d93"
 dependencies = [
 "generic-array",
 ]
 [[package]]
 name = "brotli"
 version = "7.0.0"
@@ -415,6 +435,15 @@ dependencies = [
 "bytes",
 ]
 [[package]]
 name = "cbc"
 version = "0.1.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "26b52a9543ae338f279b96b0b9fed9c8093744685043739079ce85cd58f289a6"
 dependencies = [
 "cipher",
 ]
 [[package]]
 name = "cc"
 version = "1.2.20"
@@ -446,6 +475,16 @@ dependencies = [
 "windows-link",
 ]
 [[package]]
 name = "cipher"
 version = "0.4.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad"
 dependencies = [
 "crypto-common",
 "inout",
 ]
 [[package]]
 name = "clap"
 version = "4.5.37"
@@ -662,7 +701,9 @@ name = "ew"
 version = "1.0.0"
 dependencies = [
 "actix-web",
 "aes",
 "base64",
 "cbc",
 "chrono",
 "clap",
 "hex",
@@ -1261,6 +1302,16 @@ dependencies = [
 "hashbrown 0.15.3",
 ]
 [[package]]
 name = "inout"
 version = "0.1.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "879f10e63c20629ecabbb64a8010319738c66a5cd0c29b02d63d272b03751d01"
 dependencies = [
 "block-padding",
 "generic-array",
 ]
 [[package]]
 name = "ipnet"
 version = "2.11.0"
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -28,3 +28,5 @@ include-flate-codegen = "0.3.0"
 libflate = "2.1.0"
 serde_json = "1.0.140"
 serde = { version = "1.0.219", features = ["derive"] }
 cbc = { version = "0.1.2", features = ["alloc"] }
 aes = "0.8.4"
--- a/src/encryption.rs
+++ b/src/encryption.rs
@@ -1,47 +1,38 @@
 use openssl::symm::{Cipher, Crypter, Mode};
 use openssl::error::ErrorStack;
 use base64::{Engine as _, engine::general_purpose};
 use rand::Rng;
 use aes::cipher::BlockEncryptMut;
 use aes::cipher::{block_padding::Pkcs7, BlockDecryptMut, KeyIvInit};
 type Aes256CbcEnc = cbc::Encryptor<aes::Aes256>;
 type Aes256CbcDec = cbc::Decryptor<aes::Aes256>;
 const IV_LENGTH: usize = 16;
 const KEY: &str = "3559b435f24b297a79c68b9709ef2125";
-pub fn decrypt_packet(base64_input: &str) -> Result<String, ErrorStack> {
+pub fn decrypt_packet(base64_input: &str) -> Result<String, String> {
    if base64_input.len() < IV_LENGTH + 1 {
        return Ok(String::new());
    }
    let base64_buffer = general_purpose::STANDARD.decode(base64_input).unwrap();
    let decryption_iv = &base64_buffer[..IV_LENGTH];
-    let ciphertext = &base64_buffer[IV_LENGTH..];
+    let mut ciphertext = base64_buffer[IV_LENGTH..].to_vec();
-    let cipher = Cipher::aes_256_cbc();
+    let decrypted_data = Aes256CbcDec::new(KEY.as_bytes().into(), decryption_iv.into())
-    let mut decrypter = Crypter::new(cipher, Mode::Decrypt, KEY.as_bytes(), Some(decryption_iv))?;
+        .decrypt_padded_mut::<Pkcs7>(&mut ciphertext).ok()
        .ok_or(String::from("uhoh"))?;
-    let mut decrypted_data = vec![0u8; ciphertext.len() + cipher.block_size()];
+    Ok(String::from_utf8(decrypted_data.to_vec()).unwrap())
    let mut decrypted_len = decrypter.update(ciphertext, &mut decrypted_data)?;
    decrypted_len += decrypter.finalize(&mut decrypted_data[decrypted_len..])?;
    decrypted_data.truncate(decrypted_len);
    Ok(String::from_utf8(decrypted_data).unwrap())
 }
-pub fn encrypt_packet(input: &str) -> Result<String, ErrorStack> {
+pub fn encrypt_packet(input: &str) -> Result<String, String> {
    let cipher = Cipher::aes_256_cbc();
    let encryption_iv = generate_random_iv();
-    let mut encrypter = Crypter::new(cipher, Mode::Encrypt, KEY.as_bytes(), Some(&encryption_iv))?;
+    let encrypted = Aes256CbcEnc::new(KEY.as_bytes().into(), encryption_iv.as_slice().into())
        .encrypt_padded_vec_mut::<Pkcs7>(input.as_bytes());
    let mut encrypted_data = vec![0u8; input.len() + cipher.block_size()];
    let mut encrypted_len = encrypter.update(input.as_bytes(), &mut encrypted_data)?;
    encrypted_len += encrypter.finalize(&mut encrypted_data[encrypted_len..])?;
    encrypted_data.truncate(encrypted_len);
    let mut result = encryption_iv.to_vec();
-    result.extend_from_slice(&encrypted_data);
+    result.extend_from_slice(&encrypted);
    Ok(general_purpose::STANDARD.encode(&result))
 }