Diffstat (limited to 'utils/tcp_connection')
-rw-r--r--utils/tcp_connection/Cargo.toml12
-rw-r--r--utils/tcp_connection/src/instance_challenge.rs17
2 files changed, 16 insertions, 13 deletions
diff --git a/utils/tcp_connection/Cargo.toml b/utils/tcp_connection/Cargo.toml
index da258be..1a68191 100644
--- a/utils/tcp_connection/Cargo.toml
+++ b/utils/tcp_connection/Cargo.toml
@@ -20,9 +20,9 @@ uuid = "1.18.1"
# Crypto
rsa = { version = "0.9", features = ["pkcs5", "sha2"] }
ed25519-dalek = "3.0.0-pre.1"
-ring = "0.17.14"
-rand = "0.10.0-rc.0"
-base64 = "0.22.1"
-pem = "3.0.6"
-crc = "3.3.0"
-blake3 = "1.8.2"
+ring = "0.17"
+rand = "0.10"
+base64 = "0.22"
+pem = "3.0"
+crc = "3.3"
+blake3 = "1.8"
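Review bot: Dropping the patch component on `ring`, `blake3` and the other crypto crates lowers the minimum version Cargo is allowed to resolve, because `"0.17"` accepts any 0.17.x while `"0.17.14"` already was a caret requirement with a floor at that patch release. A build without a committed `Cargo.lock`, or one resolved with minimal versions, can therefore pick older patch releases than the ones this code was tested with, including releases that predate security fixes. Keeping the tested floor costs nothing in flexibility, e.g. `ring = "0.17.14"` still admits every newer 0.17.x. Whether a lockfile is checked in for this workspace is not visible from this hunk, so that is worth confirming before merging.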
diff --git a/utils/tcp_connection/src/instance_challenge.rs b/utils/tcp_connection/src/instance_challenge.rs
index 3a7f6a3..12fce54 100644
--- a/utils/tcp_connection/src/instance_challenge.rs
+++ b/utils/tcp_connection/src/instance_challenge.rs
@@ -1,6 +1,5 @@
use std::path::Path;
-use rand::TryRngCore;
use rsa::{
RsaPrivateKey, RsaPublicKey,
pkcs1::{DecodeRsaPrivateKey, DecodeRsaPublicKey},
@@ -43,12 +42,7 @@ impl ConnectionInstance {
public_key_dir: impl AsRef<Path>,
) -> Result<(bool, String), TcpTargetError> {
// Generate random challenge
- let mut challenge = [0u8; 32];
- rand::rngs::OsRng
- .try_fill_bytes(&mut challenge)
- .map_err(|e| {
- TcpTargetError::Crypto(format!("Failed to generate random challenge: {}", e))
- })?;
+ let challenge = Self::gen_challenge()?;
// Send challenge to target
self.stream.write_all(&challenge).await?;
@@ -106,6 +100,15 @@ impl ConnectionInstance {
Ok((verified, key_id))
}
+ fn gen_challenge() -> Result<[u8; 32], TcpTargetError> {
+ let mut challenge = [0u8; 32];
+ let mut rng = rand::rng();
+ rand::TryRng::try_fill_bytes(&mut rng, &mut challenge).map_err(|e| {
+ TcpTargetError::Crypto(format!("Failed to generate random challenge: {}", e))
+ })?;
+ return Ok(challenge);
+ }
+
/// Accepts a challenge from the target machine to verify connection security
///
/// This method performs a cryptographic challenge-response authentication:
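Review bot: The challenge now comes from `rand::rng()` instead of the OS generator the removed code used (`rand::rngs::OsRng`), and nothing on `gen_challenge` records that this source must be cryptographically secure. The 32 bytes are the freshness value of the challenge-response exchange, so a later swap to a non-cryptographic or seedable generator would silently make challenges predictable. A doc comment in the style of the neighbouring method would pin the requirement, e.g. `/// Generates the 32-byte authentication challenge; the RNG used here must be a CSPRNG.` If `rand::rng()` is the infallible thread-local generator in this rand version (to be confirmed against the crate docs), the `map_err` branch can never fire and a plain `fill_bytes` call would state that more honestly. The trailing `return Ok(challenge);` is more idiomatic as the tail expression `Ok(challenge)`.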