Skip to content

Commit ded17d0

Browse files
KrLiteKrLite
committed
fix: sha-256 parsing
1 parent 1ab4515 commit ded17d0

3 files changed

Lines changed: 48 additions & 2 deletions

File tree

src/env.rs

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,8 @@ use std::{env, path::PathBuf};
55
use api_framework::{parse_env, static_lazy_lock};
66
use tracing::level_filters::LevelFilter;
77

8+
use crate::sha256::sha256_hex_to_bytes;
9+
810
/// Sets up environment variables from `.env` and `{crate_name}.env`.
911
pub fn setup() {
1012
dotenvy::dotenv().ok();
@@ -61,10 +63,10 @@ static_lazy_lock! {
6163

6264
static_lazy_lock! {
6365
/// The PASETO symmetric key hashed using SHA256.
64-
pub PASETO_SYMMETRIC_KEY: [u8; 32] = parse_env!("PASETO_SYMMETRIC_KEY" => |k| Ok::<[u8; 32], _>(k.as_bytes().try_into().expect("PASETO_SYMMETRIC_KEY must be 32 bytes long"))).expect("PASETO_SYMMETRIC_KEY not set in environment");
66+
pub PASETO_SYMMETRIC_KEY: [u8; 32] = parse_env!("PASETO_SYMMETRIC_KEY" => |k| Ok(sha256_hex_to_bytes(&k).expect("PASETO_SYMMETRIC_KEY must be a valid 32-byte long SHA256 token"))).expect("PASETO_SYMMETRIC_KEY not set in environment");
6567
}
6668

6769
static_lazy_lock! {
6870
/// The session symmetric key hashed using SHA256.
69-
pub SESSION_SYMMETRIC_KEY: [u8; 32] = parse_env!("SESSION_SYMMETRIC_KEY" => |k| Ok::<[u8; 32], _>(k.as_bytes().try_into().expect("SESSION_SYMMETRIC_KEY must be 32 bytes long"))).expect("SESSION_SYMMETRIC_KEY not set in environment");
71+
pub SESSION_SYMMETRIC_KEY: [u8; 32] = parse_env!("SESSION_SYMMETRIC_KEY" => |k| Ok(sha256_hex_to_bytes(&k).expect("SESSION_SYMMETRIC_KEY must be a valid 32-byte long SHA256 token"))).expect("SESSION_SYMMETRIC_KEY not set in environment");
7072
}

src/main.rs

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ use tokio::net::TcpListener;
1414

1515
pub mod config;
1616
pub mod env;
17+
pub mod sha256;
1718
pub mod trace;
1819

1920
pub mod database;

src/sha256.rs

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
//! Utilities for handling SHA-256 hashes.
2+
3+
/// Converts a SHA-256 hash in hexadecimal string format to a byte array.
4+
#[derive(Debug)]
5+
#[non_exhaustive]
6+
pub enum HexDecodeError {
7+
/// The provided hex string does not have the correct length.
8+
InvalidLength,
9+
/// The provided hex string contains invalid characters.
10+
InvalidHexCharacter,
11+
}
12+
13+
/// Converts a SHA-256 hash in hexadecimal string format to a byte array.
14+
///
15+
/// # Errors
16+
///
17+
/// Returns [`HexDecodeError`] if the input string is not a valid SHA-256 hex string.
18+
pub fn sha256_hex_to_bytes(hex: &str) -> Result<[u8; 32], HexDecodeError> {
19+
if hex.len() != 64 {
20+
return Err(HexDecodeError::InvalidLength);
21+
}
22+
23+
let mut out = [0u8; 32];
24+
let bytes = hex.as_bytes();
25+
26+
for i in 0..32 {
27+
let hi = from_hex(bytes[i * 2])?;
28+
let lo = from_hex(bytes[i * 2 + 1])?;
29+
out[i] = (hi << 4) | lo;
30+
}
31+
32+
Ok(out)
33+
}
34+
35+
#[inline]
36+
fn from_hex(b: u8) -> Result<u8, HexDecodeError> {
37+
match b {
38+
b'0'..=b'9' => Ok(b - b'0'),
39+
b'a'..=b'f' => Ok(b - b'a' + 10),
40+
b'A'..=b'F' => Ok(b - b'A' + 10),
41+
_ => Err(HexDecodeError::InvalidHexCharacter),
42+
}
43+
}

0 commit comments

Comments
 (0)