diff options
| author | Quentin Dufour <quentin@deuxfleurs.fr> | 2024-03-08 08:17:03 +0100 |
|---|---|---|
| committer | Quentin Dufour <quentin@deuxfleurs.fr> | 2024-03-08 08:17:03 +0100 |
| commit | 1a43ce5ac7033c148f64a033f2b1d335e95e11d5 (patch) | |
| tree | 60b234604170fe207248458a9c4cdd3f4b7c36f2 /src/cryptoblob.rs | |
| parent | bb9cb386b65834c44cae86bd100f800883022062 (diff) | |
| download | aerogramme-1a43ce5ac7033c148f64a033f2b1d335e95e11d5.tar.gz aerogramme-1a43ce5ac7033c148f64a033f2b1d335e95e11d5.zip | |
WIP refactor
Diffstat (limited to 'src/cryptoblob.rs')
| -rw-r--r-- | src/cryptoblob.rs | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/src/cryptoblob.rs b/src/cryptoblob.rs deleted file mode 100644 index 327a642..0000000 --- a/src/cryptoblob.rs +++ /dev/null @@ -1,67 +0,0 @@ -//! Helper functions for secret-key encrypted blobs -//! that contain Zstd encrypted data - -use anyhow::{anyhow, Result}; -use serde::{Deserialize, Serialize}; -use zstd::stream::{decode_all as zstd_decode, encode_all as zstd_encode}; - -//use sodiumoxide::crypto::box_ as publicbox; -use sodiumoxide::crypto::secretbox::xsalsa20poly1305 as secretbox; - -pub use sodiumoxide::crypto::box_::{ - gen_keypair, PublicKey, SecretKey, PUBLICKEYBYTES, SECRETKEYBYTES, -}; -pub use sodiumoxide::crypto::secretbox::xsalsa20poly1305::{gen_key, Key, KEYBYTES}; - -pub fn open(cryptoblob: &[u8], key: &Key) -> Result<Vec<u8>> { - use secretbox::{Nonce, NONCEBYTES}; - - if cryptoblob.len() < NONCEBYTES { - return Err(anyhow!("Cyphertext too short")); - } - - // Decrypt -> get Zstd data - let nonce = Nonce::from_slice(&cryptoblob[..NONCEBYTES]).unwrap(); - let zstdblob = secretbox::open(&cryptoblob[NONCEBYTES..], &nonce, key) - .map_err(|_| anyhow!("Could not decrypt blob"))?; - - // Decompress zstd data - let mut reader = &zstdblob[..]; - let data = zstd_decode(&mut reader)?; - - Ok(data) -} - -pub fn seal(plainblob: &[u8], key: &Key) -> Result<Vec<u8>> { - use secretbox::{gen_nonce, NONCEBYTES}; - - // Compress data using zstd - let mut reader = plainblob; - let zstdblob = zstd_encode(&mut reader, 0)?; - - // Encrypt - let nonce = gen_nonce(); - let cryptoblob = secretbox::seal(&zstdblob, &nonce, key); - - let mut res = Vec::with_capacity(NONCEBYTES + cryptoblob.len()); - res.extend(nonce.as_ref()); - res.extend(cryptoblob); - - Ok(res) -} - -pub fn open_deserialize<T: for<'de> Deserialize<'de>>(cryptoblob: &[u8], key: &Key) -> Result<T> { - let blob = open(cryptoblob, key)?; - - Ok(rmp_serde::decode::from_read_ref::<_, T>(&blob)?) -} - -pub fn seal_serialize<T: Serialize>(obj: T, key: &Key) -> Result<Vec<u8>> { - let mut wr = Vec::with_capacity(128); - let mut se = rmp_serde::Serializer::new(&mut wr) - .with_struct_map() - .with_string_variants(); - obj.serialize(&mut se)?; - - seal(&wr, key) -} |