From 4d01ea49e2a4a822b92846e1af8db2eafd324a18 Mon Sep 17 00:00:00 2001
From: Hatter Jiang <jht5945@gmail.com>
Date: Sun, 8 Oct 2023 00:53:25 +0800
Subject: [PATCH] feat: v0.2.0-dev, x25519 encryption

---
 src/cmd_encrypt.rs | 9 +++++----
 src/util.rs        | 1 +
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/cmd_encrypt.rs b/src/cmd_encrypt.rs
index 872e01e..3af58be 100644
--- a/src/cmd_encrypt.rs
+++ b/src/cmd_encrypt.rs
@@ -16,7 +16,7 @@ use crate::config::{TinyEncryptConfig, TinyEncryptConfigEnvelop};
 use crate::crypto_aes::aes_gcm_encrypt;
 use crate::crypto_rsa::parse_spki;
 use crate::spec::{EncMetadata, TINY_ENCRYPT_VERSION_10, TinyEncryptEnvelop, TinyEncryptEnvelopType, TinyEncryptMeta};
-use crate::util::{ENC_AES256_GCM_P256, TINY_ENC_CONFIG_FILE};
+use crate::util::{ENC_AES256_GCM_P256, ENC_AES256_GCM_X25519, TINY_ENC_CONFIG_FILE};
 use crate::wrap_key::{WrapKey, WrapKeyHeader};
 
 #[derive(Debug, Args)]
@@ -249,19 +249,20 @@ fn encrypt_envelop_ecdh(key: &[u8], envelop: &TinyEncryptConfigEnvelop) -> XResu
     let public_key_point_hex = &envelop.public_part;
     let (shared_secret, ephemeral_spki) = util_ecdh::compute_shared_secret(public_key_point_hex)?;
 
-    encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, envelop)
+    encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, ENC_AES256_GCM_P256, envelop)
 }
 
 fn encrypt_envelop_ecdh_x25519(key: &[u8], envelop: &TinyEncryptConfigEnvelop) -> XResult<TinyEncryptEnvelop> {
     let public_key_point_hex = &envelop.public_part;
     let (shared_secret, ephemeral_spki) = util_x25519::compute_x25519_shared_secret(public_key_point_hex)?;
 
-    encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, envelop)
+    encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, ENC_AES256_GCM_X25519, envelop)
 }
 
 fn encrypt_envelop_shared_secret(key: &[u8],
                                  shared_secret: &[u8],
                                  ephemeral_spki: &[u8],
+                                 enc_type: &str,
                                  envelop: &TinyEncryptConfigEnvelop) -> XResult<TinyEncryptEnvelop> {
     let shared_key = util::simple_kdf(shared_secret);
     let (_, nonce) = util::make_key256_and_nonce();
@@ -271,7 +272,7 @@ fn encrypt_envelop_shared_secret(key: &[u8],
     let wrap_key = WrapKey {
         header: WrapKeyHeader {
             kid: Some(envelop.kid.clone()),
-            enc: ENC_AES256_GCM_P256.to_string(),
+            enc: enc_type.to_string(),
             e_pub_key: util::encode_base64_url_no_pad(&ephemeral_spki),
         },
         nonce,
diff --git a/src/util.rs b/src/util.rs
index e913202..5ec4896 100644
--- a/src/util.rs
+++ b/src/util.rs
@@ -9,6 +9,7 @@ use rust_util::{simple_error, warning, XResult};
 use zeroize::Zeroize;
 
 pub const ENC_AES256_GCM_P256: &str = "aes256-gcm-p256";
+pub const ENC_AES256_GCM_X25519: &str = "aes256-gcm-x25519";
 pub const TINY_ENC_FILE_EXT: &str = ".tinyenc";
 pub const TINY_ENC_CONFIG_FILE: &str = "~/.tinyencrypt/config-rs.json";