foil/src/crypt.rs

use super::db;
use crypto::scrypt::{self, ScryptParams};
use rand::rngs::OsRng;
use rand::Rng;
use rustc_serialize::base64;
use rustc_serialize::base64::{FromBase64, ToBase64};
use std::io;

pub fn get_master_key(db_conn: &db::DbHandle, master_password: &str) -> io::Result<[u8; 32]> {
    let scrypt_params: ScryptParams = ScryptParams::new(12, 16, 2);
    let salt: Vec<u8> = get_salt(db_conn)?;
    // 256 bit derived key
    let mut derived_key = [0u8; 32];

    scrypt::scrypt(
        master_password.as_bytes(),
        &*salt,
        &scrypt_params,
        &mut derived_key,
    );
    Ok(derived_key)
}

fn get_salt(db_conn: &db::DbHandle) -> io::Result<Vec<u8>> {
    let existing_salt: Option<String> = db_conn
        .get_db_property("salt")
        .expect("There was a problem reading from the db");

    match existing_salt {
        Some(salt) => Ok(salt.from_base64().unwrap()),
        None => {
            let mut rng = OsRng::new()?;
            // 128 bit salt
            let salt: Vec<u8> = rng.gen::<[u8; 16]>().to_vec();
            db_conn.set_db_property("salt", &salt.to_base64(base64::STANDARD));
            Ok(salt)
        }
    }
}