hatter/tiny-encrypt-rs
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

v0.2-x25519 #1

Merged
hatter merged 3 commits from v0.2-x25519 into master 2023-10-08 22:14:49 +08:00
Conversation 0 Commits 3 Files Changed 9 +6 -4
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 4d01ea49e2 - Show all commits

9
src/cmd_encrypt.rs
View File

@@ -16,7 +16,7 @@ use crate::config::{TinyEncryptConfig, TinyEncryptConfigEnvelop};
use crate::crypto_aes::aes_gcm_encrypt;
use crate::crypto_rsa::parse_spki;
use crate::spec::{EncMetadata, TINY_ENCRYPT_VERSION_10, TinyEncryptEnvelop, TinyEncryptEnvelopType, TinyEncryptMeta};
use crate::util::{ENC_AES256_GCM_P256, TINY_ENC_CONFIG_FILE};
use crate::util::{ENC_AES256_GCM_P256, ENC_AES256_GCM_X25519, TINY_ENC_CONFIG_FILE};
use crate::wrap_key::{WrapKey, WrapKeyHeader};
#[derive(Debug, Args)]
@@ -249,19 +249,20 @@ fn encrypt_envelop_ecdh(key: &[u8], envelop: &TinyEncryptConfigEnvelop) -> XResu
let public_key_point_hex = &envelop.public_part;
let (shared_secret, ephemeral_spki) = util_ecdh::compute_shared_secret(public_key_point_hex)?;
encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, envelop)
encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, ENC_AES256_GCM_P256, envelop)
}
fn encrypt_envelop_ecdh_x25519(key: &[u8], envelop: &TinyEncryptConfigEnvelop) -> XResult<TinyEncryptEnvelop> {
let public_key_point_hex = &envelop.public_part;
let (shared_secret, ephemeral_spki) = util_x25519::compute_x25519_shared_secret(public_key_point_hex)?;
encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, envelop)
encrypt_envelop_shared_secret(key, &shared_secret, &ephemeral_spki, ENC_AES256_GCM_X25519, envelop)
}
fn encrypt_envelop_shared_secret(key: &[u8],
shared_secret: &[u8],
ephemeral_spki: &[u8],
enc_type: &str,
envelop: &TinyEncryptConfigEnvelop) -> XResult<TinyEncryptEnvelop> {
let shared_key = util::simple_kdf(shared_secret);
let (_, nonce) = util::make_key256_and_nonce();
@@ -271,7 +272,7 @@ fn encrypt_envelop_shared_secret(key: &[u8],
let wrap_key = WrapKey {
header: WrapKeyHeader {
kid: Some(envelop.kid.clone()),
enc: ENC_AES256_GCM_P256.to_string(),
enc: enc_type.to_string(),
e_pub_key: util::encode_base64_url_no_pad(&ephemeral_spki),
},
nonce,

1
src/util.rs
View File

@@ -9,6 +9,7 @@ use rust_util::{simple_error, warning, XResult};
use zeroize::Zeroize;
pub const ENC_AES256_GCM_P256: &str = "aes256-gcm-p256";
pub const ENC_AES256_GCM_X25519: &str = "aes256-gcm-x25519";
pub const TINY_ENC_FILE_EXT: &str = ".tinyenc";
pub const TINY_ENC_CONFIG_FILE: &str = "~/.tinyencrypt/config-rs.json";