feat: updates
@@ -13,7 +13,7 @@ use rust_util::{debugging, failure, opt_result, simple_error, success, XResult};
|
||||
use crate::config::{TinyEncryptConfig, TinyEncryptConfigEnvelop};
|
||||
use crate::crypto_rsa::parse_spki;
|
||||
use crate::spec::{EncMetadata, TinyEncryptEnvelop, TinyEncryptEnvelopType, TinyEncryptMeta};
|
||||
use crate::util::{encode_base64, TINY_ENC_CONFIG_FILE};
|
||||
use crate::util::{encode_base64, simple_kdf, TINY_ENC_CONFIG_FILE};
|
||||
|
||||
#[derive(Debug, Args)]
|
||||
pub struct CmdEncrypt {
|
||||
@@ -29,7 +29,7 @@ pub struct CmdEncrypt {
|
||||
|
||||
pub fn encrypt(cmd_encrypt: CmdEncrypt) -> XResult<()> {
|
||||
let config = TinyEncryptConfig::load(TINY_ENC_CONFIG_FILE)?;
|
||||
let envelops = config.find_envelops(&cmd_encrypt.profile);
|
||||
let envelops = config.find_envelops(&cmd_encrypt.profile)?;
|
||||
if envelops.is_empty() { return simple_error!("Cannot find any valid envelops"); }
|
||||
|
||||
debugging!("Cmd encrypt: {:?}", cmd_encrypt);
|
||||
@@ -87,6 +87,7 @@ fn encrypt_envelop_ecdh(key: &[u8], envelop: &TinyEncryptConfigEnvelop) -> XResu
|
||||
let epk_bytes = EphemeralKeyBytes::from_public_key(&epk);
|
||||
let public_key_encoded_point = public_key.to_encoded_point(false);
|
||||
let shared_secret = esk.diffie_hellman(&public_key);
|
||||
let key = simple_kdf(shared_secret.raw_secret_bytes().as_slice());
|
||||
|
||||
// PORT Java Implementation
|
||||
// public static WrapKey encryptEcdhP256(String kid, PublicKey publicKey, byte[] data) {
|
||||
|
||||
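Review bot: The added `let key = simple_kdf(shared_secret.raw_secret_bytes().as_slice());` shadows the `key: &[u8]` parameter of `encrypt_envelop_ecdh`, so every later use of `key` refers to the ECDH-derived key rather than the caller's key that is meant to be wrapped. The rest of the body is outside this hunk, so I cannot tell whether the parameter is still needed below. A distinct name removes the ambiguity: `let wrap_key = simple_kdf(shared_secret.raw_secret_bytes().as_slice());`. `simple_kdf` is not shown here; if it returns an owned buffer, it should presumably be zeroized after use, since the crate already uses `zeroize`.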
@@ -1,6 +1,6 @@
|
||||
use std::collections::HashMap;
|
||||
use std::fs;
|
||||
use rust_util::{opt_result, XResult};
|
||||
use rust_util::{debugging, opt_result, simple_error, XResult};
|
||||
use rust_util::util_file::resolve_file_path;
|
||||
|
||||
use serde::{Deserialize, Serialize};
|
||||
@@ -25,7 +25,7 @@ use crate::spec::TinyEncryptEnvelopType;
|
||||
/// }
|
||||
/// ],
|
||||
/// "profiles": {
|
||||
/// "default": ["KID-1", "KID-2"],
|
||||
/// "default": ["KID-1", "KID-2", "type:pgp"],
|
||||
/// "leve2": ["KID-2"]
|
||||
/// }
|
||||
/// }
|
||||
@@ -53,10 +53,14 @@ impl TinyEncryptConfig {
|
||||
Ok(opt_result!(serde_json::from_str(&config_contents), "Parse file: {}, failed: {}", file))
|
||||
}
|
||||
|
||||
pub fn find_envelops(&self, profile: &Option<String>) -> Vec<&TinyEncryptConfigEnvelop> {
|
||||
pub fn find_envelops(&self, profile: &Option<String>) -> XResult<Vec<&TinyEncryptConfigEnvelop>> {
|
||||
let profile = profile.as_ref().map(String::as_str).unwrap_or("default");
|
||||
debugging!("Profile: {}", profile);
|
||||
let mut matched_envelops_map = HashMap::new();
|
||||
if let Some(key_ids) = self.profiles.get(profile) {
|
||||
if key_ids.is_empty() {
|
||||
return simple_error!("Profile: {} contains no valid envelopes", profile);
|
||||
}
|
||||
for key_id in key_ids {
|
||||
self.envelops.iter().for_each(|envelop| {
|
||||
let is_matched = (&envelop.kid == key_id)
|
||||
@@ -67,6 +71,11 @@ impl TinyEncryptConfig {
|
||||
});
|
||||
}
|
||||
}
|
||||
matched_envelops_map.values().map(|envelop| *envelop).collect()
|
||||
let envelops: Vec<_> = matched_envelops_map.values().map(|envelop| *envelop).collect();
|
||||
if envelops.is_empty() {
|
||||
return simple_error!("Profile: {} has no valid envelopes found", profile);
|
||||
}
|
||||
debugging!("Found envelopes: {:#?}", envelops);
|
||||
Ok(envelops)
|
||||
}
|
||||
}
|
||||
|
||||
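Review bot: In `find_envelops`, a key id listed in a profile that matches no configured envelope appears to be skipped silently, because the new emptiness check only fails when nothing at all matched. With a mistyped KID the file would be encrypted for fewer recipients than the profile names, and the user finds out only when that recipient cannot decrypt. Consider recording whether each `key_id` matched and failing otherwise, e.g. `return simple_error!("Profile: {} references unknown key id: {}", profile, key_id);`. The matching closure runs between the two hunks, so part of it is not visible here. A profile name that is absent from `self.profiles` also ends in the same "has no valid envelopes found" message, which hides the actual cause.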
@@ -1,7 +1,4 @@
|
||||
use rsa::{BigUint, Pkcs1v15Encrypt, RsaPrivateKey, RsaPublicKey};
|
||||
use rsa::pkcs1::der::Decode;
|
||||
use rsa::pkcs8::PrivateKeyInfo;
|
||||
use rsa::traits::PublicKeyParts;
|
||||
use rsa::{BigUint, RsaPublicKey};
|
||||
use rust_util::{opt_result, XResult};
|
||||
use x509_parser::prelude::FromDer;
|
||||
use x509_parser::public_key::RSAPublicKey;
|
||||
@@ -43,6 +40,7 @@ fn pem_to_der_bytes(pem: &str) -> XResult<Vec<u8>> {
|
||||
|
||||
#[test]
|
||||
fn test_parse_spki() {
|
||||
use rsa::traits::PublicKeyParts;
|
||||
let public_key_pem = "-----BEGIN PUBLIC KEY-----\nMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgK\
|
||||
CAgEApUM8M+QRMUw0dIvXISFx\n43j4h9CK38Y9HD6kPcc3Z0dCGPiFy7Ze0OQebPWHyUZ2YmqsdyzFuOQuV9P2pxxj\n/W\
|
||||
LIgRqZV8Jk8tWhtAjOOvm0MTc2rg+EJHfa+zhX4eFEMsj4DvQBMJDXiKnpXTM/\nj7oMKpIUQHqfXBwsEJHLmHZTLeEBEYK\
|
||||
@@ -71,6 +69,9 @@ fn test_parse_spki() {
|
||||
|
||||
#[test]
|
||||
fn test_parse_spki_and_test() {
|
||||
use rsa::{Pkcs1v15Encrypt, RsaPrivateKey};
|
||||
use rsa::pkcs1::der::Decode;
|
||||
use rsa::pkcs8::PrivateKeyInfo;
|
||||
let private_key_pem = "-----BEGIN PRIVATE KEY-----
|
||||
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCsuTaS34xvrgr5
|
||||
ZXEuE8lYDYuLxATq1ds6/8YlNOeKReCGwRkObfKl0uyj79WLka2RCZELDiHyQcDG
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
use std::{fs, io};
|
||||
use std::io::Write;
|
||||
use std::path::{Path, PathBuf};
|
||||
use std::path::Path;
|
||||
|
||||
use base64::Engine;
|
||||
use base64::engine::general_purpose;
|
||||
use rust_util::{opt_result, simple_error, warning, XResult};
|
||||
use rust_util::{simple_error, warning, XResult};
|
||||
use zeroize::Zeroize;
|
||||
|
||||
pub const ENC_AES256_GCM_P256: &str = "aes256-gcm-p256";
|
||||
@@ -25,7 +25,7 @@ pub fn require_file_exists(path: impl AsRef<Path>) -> XResult<()> {
|
||||
let path = path.as_ref();
|
||||
match fs::metadata(path) {
|
||||
Ok(_) => Ok(()),
|
||||
Err(e) => simple_error!("File: {} not exists", path.display()),
|
||||
Err(_) => simple_error!("File: {} not exists", path.display()),
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
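Review bot: In `require_file_exists`, replacing `Err(e)` with `Err(_)` silences the unused-variable warning but still reports every `fs::metadata` failure as "not exists", including permission errors. Using the error instead of discarding it gives the user the real cause: `Err(e) => simple_error!("File: {} not accessible: {}", path.display(), e),`.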