feat: v0.2.0-dev, x25519 encryption

2023-10-08 00:53:25 +08:00
parent 0bdb89ad25
commit 4d01ea49e2
2 changed files with 6 additions and 4 deletions
--- a/src/cmd_encrypt.rs
+++ b/src/cmd_encrypt.rs
@@ -16,7 +16,7 @@ use crate::config::{TinyEncryptConfig, TinyEncryptConfigEnvelop};
 use crate::crypto_aes::aes_gcm_encrypt;
 use crate::crypto_rsa::parse_spki;
 use crate::spec::{EncMetadata, TINY_ENCRYPT_VERSION_10, TinyEncryptEnvelop, TinyEncryptEnvelopType, TinyEncryptMeta};
-use crate::util::{ENC_AES256_GCM_P256, TINY_ENC_CONFIG_FILE};
+use crate::util::{ENC_AES256_GCM_P256, ENC_AES256_GCM_X25519, TINY_ENC_CONFIG_FILE};
 use crate::wrap_key::{WrapKey, WrapKeyHeader};

 #[derive(Debug, Args)]
@@ -249,19 +249,20 @@ fn encrypt_envelop_ecdh(key: &[u8], envelop: &TinyEncryptConfigEnvelop) -> XResu
    let public_key_point_hex = &envelop.public_part;
    let (shared_secret, ephemeral_spki) = util_ecdh::compute_shared_secret(public_key_point_hex)?;

-    encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, envelop)
+    encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, ENC_AES256_GCM_P256, envelop)
 }

 fn encrypt_envelop_ecdh_x25519(key: &[u8], envelop: &TinyEncryptConfigEnvelop) -> XResult<TinyEncryptEnvelop> {
    let public_key_point_hex = &envelop.public_part;
    let (shared_secret, ephemeral_spki) = util_x25519::compute_x25519_shared_secret(public_key_point_hex)?;

-    encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, envelop)
+    encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, ENC_AES256_GCM_X25519, envelop)
 }

 fn encrypt_envelop_shared_secret(key: &[u8],
                                 shared_secret: &[u8],
                                 ephemeral_spki: &[u8],
+                                 enc_type: &str,
                                 envelop: &TinyEncryptConfigEnvelop) -> XResult<TinyEncryptEnvelop> {
    let shared_key = util::simple_kdf(shared_secret);
    let (_, nonce) = util::make_key256_and_nonce();
@@ -271,7 +272,7 @@ fn encrypt_envelop_shared_secret(key: &[u8],
    let wrap_key = WrapKey {
        header: WrapKeyHeader {
            kid: Some(envelop.kid.clone()),
-            enc: ENC_AES256_GCM_P256.to_string(),
+            enc: enc_type.to_string(),
            e_pub_key: util::encode_base64_url_no_pad(&ephemeral_spki),
        },
        nonce,