From 60b91ffbe9a0fd2e057eadf3b1abac1a6aee2491 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rodolphe=20Br=C3=A9ard?= Date: Thu, 15 Feb 2024 12:37:14 +0100 Subject: [PATCH] Add the encryption and ikm-management features --- Cargo.toml | 4 +++- src/ikm.rs | 11 +++++++++++ src/lib.rs | 2 ++ 3 files changed, 16 insertions(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index b6645b9..128b730 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -12,7 +12,9 @@ keywords = ["cryptography", "encryption"] categories = ["cryptography"] [features] -default = [] +default = ["encryption", "ikm-management"] +encryption = [] +ikm-management = [] i-understand-and-accept-the-risks = [] [dependencies] diff --git a/src/ikm.rs b/src/ikm.rs index 7921b8e..0686816 100644 --- a/src/ikm.rs +++ b/src/ikm.rs @@ -16,6 +16,7 @@ pub struct InputKeyMaterial { } impl InputKeyMaterial { + #[cfg(feature = "ikm-management")] fn as_bytes(&self) -> Result<[u8; IKM_STRUCT_SIZE], Error> { let mut res = Vec::with_capacity(IKM_STRUCT_SIZE); res.extend_from_slice(&self.id.to_le_bytes()); @@ -66,14 +67,17 @@ pub struct InputKeyMaterialList { } impl InputKeyMaterialList { + #[cfg(feature = "ikm-management")] pub fn new() -> Self { Self::default() } + #[cfg(feature = "ikm-management")] pub fn add_ikm(&mut self) -> Result<(), Error> { self.add_ikm_with_duration(Duration::from_secs(crate::DEFAULT_IKM_DURATION)) } + #[cfg(feature = "ikm-management")] pub fn add_ikm_with_duration(&mut self, duration: Duration) -> Result<(), Error> { let mut content: [u8; 32] = [0; 32]; getrandom::getrandom(&mut content)?; @@ -90,6 +94,7 @@ impl InputKeyMaterialList { Ok(()) } + #[cfg(feature = "ikm-management")] pub fn export(&self) -> Result { let data_size = (self.ikm_lst.len() * IKM_STRUCT_SIZE) + 4; let mut data = Vec::with_capacity(data_size); 
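Review bot: The `encryption` feature added under `[features]` is enabled by default, but no hunk in this patch gates any item on it, so at this commit turning it off changes nothing in the build. If the gating lands in a later commit, note that in the manifest. A one-line comment per feature would also help users who set `default-features = false`, for example `# ikm-management: create, add and export input key material`. For a cryptography crate, what each feature removes from the compiled surface is what a downstream reviewer will look for here.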
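Review bot: Gating `new()` on `ikm-management` in the `@@ -66,14 +67,17 @@` hunk does not stop a build without the feature from creating a list. Its body is `Self::default()`, and no hunk in this patch touches the `Default` implementation; that implementation is outside the hunk, so this is inferred. Decide which behaviour is intended and make the two agree: either leave `new()` ungated or put the same `#[cfg]` on the `Default` impl. `new`, `add_ikm` and `add_ikm_with_duration` here, and `export` in the next hunk, also disappear from a no-default-features build with no doc comment saying so. Add a line such as `/// Available only with the ikm-management feature.` to each.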
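Review bot: `export` in the `@@ -90,6 +94,7 @@` hunk is now an opt-in public method, but it still has no doc comment telling callers that its return value is sensitive. `data_size` is `len * IKM_STRUCT_SIZE + 4` and `as_bytes` serialises each entry, so the output presumably carries the raw key material of every IKM in the list. Add a doc comment stating that the result must be stored and transported as a secret and kept out of logs and error messages. The function body continues past the end of the hunk, so the exact encoding should be confirmed before the comment describes it.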
@@ -120,6 +125,7 @@ impl InputKeyMaterialList { mod tests { use super::*; + #[cfg(feature = "ikm-management")] fn round_time(t: SystemTime) -> SystemTime { let secs = t.duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs(); SystemTime::UNIX_EPOCH @@ -128,6 +134,7 @@ mod tests { } #[test] + #[cfg(feature = "ikm-management")] fn gen_ikm_list() { let mut lst = InputKeyMaterialList::new(); assert_eq!(lst.id_counter, 0); @@ -154,6 +161,7 @@ mod tests { } #[test] + #[cfg(feature = "ikm-management")] fn export_empty() { let lst = InputKeyMaterialList::new(); assert_eq!(lst.id_counter, 0); @@ -166,6 +174,7 @@ mod tests { } #[test] + #[cfg(feature = "ikm-management")] fn export() { let mut lst = InputKeyMaterialList::new(); let _ = lst.add_ikm(); @@ -199,6 +208,7 @@ mod tests { } #[test] + #[cfg(feature = "ikm-management")] fn export_import_empty() { let lst = InputKeyMaterialList::new(); @@ -216,6 +226,7 @@ mod tests { } #[test] + #[cfg(feature = "ikm-management")] fn export_import() { let mut lst = InputKeyMaterialList::new(); for _ in 0..10 { diff --git a/src/lib.rs b/src/lib.rs index af1c211..60ac941 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -6,7 +6,9 @@ pub use error::Error; pub use ikm::InputKeyMaterialList; pub use scheme::Scheme; +#[cfg(feature = "ikm-management")] const DEFAULT_IKM_DURATION: u64 = 60 * 60 * 24 * 365; // In seconds +#[cfg(feature = "ikm-management")] const DEFAULT_SCHEME: Scheme = Scheme::XChaCha20Poly1305WithBlake3; #[cfg(not(feature = "i-understand-and-accept-the-risks"))]
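Review bot: Every test touched in `mod tests` is now compiled only with `ikm-management`: the `round_time` helper in the `@@ -120,6 +125,7 @@` hunk, then `gen_ikm_list`, `export_empty`, `export`, `export_import_empty` and `export_import` in the five hunks after it. Judging by their names, the last two are the tests that cover the import path. If so, a build without the feature ships the parser for externally supplied key material with no test at all. A test that imports a fixed, previously exported string would need none of the gated constructors and would keep that coverage. As a matter of style, one nested `#[cfg(feature = "ikm-management")] mod management { … }` would replace the seven repeated attributes. The test bodies are cut by the hunk edges, so the import claim should be checked against the full file.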
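Review bot: In the `src/lib.rs` hunk, `DEFAULT_SCHEME` is tied to `ikm-management` without a comment saying why a scheme default belongs to key management rather than to `encryption`. Presumably it is read only when a new IKM is generated; if so, state it, for example `// Scheme assigned to newly generated IKMs`. Any later use of either constant from code that is not under the same `#[cfg]` will compile with default features and fail with `--no-default-features`. Building each feature combination once in CI would catch that.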