Add the encryption and ikm-management features
This commit is contained in:
Rodolphe Bréard
parent
9984d528e2
commit
60b91ffbe9
3 changed files with 16 additions and 1 deletions
|
|
@ -12,7 +12,9 @@ keywords = ["cryptography", "encryption"]
|
||||||
categories = ["cryptography"]
|
categories = ["cryptography"]
|
||||||
|
|
||||||
[features]
|
[features]
|
||||||
default = []
|
default = ["encryption", "ikm-management"]
|
||||||
|
encryption = []
|
||||||
|
ikm-management = []
|
||||||
i-understand-and-accept-the-risks = []
|
i-understand-and-accept-the-risks = []
|
||||||
|
|
||||||
[dependencies]
|
[dependencies]
|
||||||
|
|
|
||||||
11
src/ikm.rs
11
src/ikm.rs
|
|
@ -16,6 +16,7 @@ pub struct InputKeyMaterial {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl InputKeyMaterial {
|
impl InputKeyMaterial {
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
fn as_bytes(&self) -> Result<[u8; IKM_STRUCT_SIZE], Error> {
|
fn as_bytes(&self) -> Result<[u8; IKM_STRUCT_SIZE], Error> {
|
||||||
let mut res = Vec::with_capacity(IKM_STRUCT_SIZE);
|
let mut res = Vec::with_capacity(IKM_STRUCT_SIZE);
|
||||||
res.extend_from_slice(&self.id.to_le_bytes());
|
res.extend_from_slice(&self.id.to_le_bytes());
|
||||||
|
|
@ -66,14 +67,17 @@ pub struct InputKeyMaterialList {
|
||||||
}
|
}
|
||||||
|
|
||||||
impl InputKeyMaterialList {
|
impl InputKeyMaterialList {
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
pub fn new() -> Self {
|
pub fn new() -> Self {
|
||||||
Self::default()
|
Self::default()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
pub fn add_ikm(&mut self) -> Result<(), Error> {
|
pub fn add_ikm(&mut self) -> Result<(), Error> {
|
||||||
self.add_ikm_with_duration(Duration::from_secs(crate::DEFAULT_IKM_DURATION))
|
self.add_ikm_with_duration(Duration::from_secs(crate::DEFAULT_IKM_DURATION))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
pub fn add_ikm_with_duration(&mut self, duration: Duration) -> Result<(), Error> {
|
pub fn add_ikm_with_duration(&mut self, duration: Duration) -> Result<(), Error> {
|
||||||
let mut content: [u8; 32] = [0; 32];
|
let mut content: [u8; 32] = [0; 32];
|
||||||
getrandom::getrandom(&mut content)?;
|
getrandom::getrandom(&mut content)?;
|
||||||
|
|
@ -90,6 +94,7 @@ impl InputKeyMaterialList {
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
pub fn export(&self) -> Result<String, Error> {
|
pub fn export(&self) -> Result<String, Error> {
|
||||||
let data_size = (self.ikm_lst.len() * IKM_STRUCT_SIZE) + 4;
|
let data_size = (self.ikm_lst.len() * IKM_STRUCT_SIZE) + 4;
|
||||||
let mut data = Vec::with_capacity(data_size);
|
let mut data = Vec::with_capacity(data_size);
|
||||||
|
|
@ -120,6 +125,7 @@ impl InputKeyMaterialList {
|
||||||
mod tests {
|
mod tests {
|
||||||
use super::*;
|
use super::*;
|
||||||
|
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
fn round_time(t: SystemTime) -> SystemTime {
|
fn round_time(t: SystemTime) -> SystemTime {
|
||||||
let secs = t.duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs();
|
let secs = t.duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs();
|
||||||
SystemTime::UNIX_EPOCH
|
SystemTime::UNIX_EPOCH
|
||||||
|
|
@ -128,6 +134,7 @@ mod tests {
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
fn gen_ikm_list() {
|
fn gen_ikm_list() {
|
||||||
let mut lst = InputKeyMaterialList::new();
|
let mut lst = InputKeyMaterialList::new();
|
||||||
assert_eq!(lst.id_counter, 0);
|
assert_eq!(lst.id_counter, 0);
|
||||||
|
|
@ -154,6 +161,7 @@ mod tests {
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
fn export_empty() {
|
fn export_empty() {
|
||||||
let lst = InputKeyMaterialList::new();
|
let lst = InputKeyMaterialList::new();
|
||||||
assert_eq!(lst.id_counter, 0);
|
assert_eq!(lst.id_counter, 0);
|
||||||
|
|
@ -166,6 +174,7 @@ mod tests {
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
fn export() {
|
fn export() {
|
||||||
let mut lst = InputKeyMaterialList::new();
|
let mut lst = InputKeyMaterialList::new();
|
||||||
let _ = lst.add_ikm();
|
let _ = lst.add_ikm();
|
||||||
|
|
@ -199,6 +208,7 @@ mod tests {
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
fn export_import_empty() {
|
fn export_import_empty() {
|
||||||
let lst = InputKeyMaterialList::new();
|
let lst = InputKeyMaterialList::new();
|
||||||
|
|
||||||
|
|
@ -216,6 +226,7 @@ mod tests {
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
fn export_import() {
|
fn export_import() {
|
||||||
let mut lst = InputKeyMaterialList::new();
|
let mut lst = InputKeyMaterialList::new();
|
||||||
for _ in 0..10 {
|
for _ in 0..10 {
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,9 @@ pub use error::Error;
|
||||||
pub use ikm::InputKeyMaterialList;
|
pub use ikm::InputKeyMaterialList;
|
||||||
pub use scheme::Scheme;
|
pub use scheme::Scheme;
|
||||||
|
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
const DEFAULT_IKM_DURATION: u64 = 60 * 60 * 24 * 365; // In seconds
|
const DEFAULT_IKM_DURATION: u64 = 60 * 60 * 24 * 365; // In seconds
|
||||||
|
#[cfg(feature = "ikm-management")]
|
||||||
const DEFAULT_SCHEME: Scheme = Scheme::XChaCha20Poly1305WithBlake3;
|
const DEFAULT_SCHEME: Scheme = Scheme::XChaCha20Poly1305WithBlake3;
|
||||||
|
|
||||||
#[cfg(not(feature = "i-understand-and-accept-the-risks"))]
|
#[cfg(not(feature = "i-understand-and-accept-the-risks"))]
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue