bc_components/symmetric/

authentication_tag.rs

use std::rc::Rc;

use anyhow::{ bail, Error, Result };
use dcbor::prelude::*;

/// The authentication tag produced by the encryption process to verify message integrity.
///
/// An `AuthenticationTag` is a 16-byte value generated during ChaCha20-Poly1305 authenticated
/// encryption. It serves as a message authentication code (MAC) that verifies both the
/// authenticity and integrity of the encrypted message.
///
/// During decryption, the tag is verified to ensure:
/// - The message has not been tampered with (integrity)
/// - The message was encrypted by someone who possesses the encryption key (authenticity)
///
/// This implementation follows the Poly1305 MAC algorithm as specified in
/// [RFC-8439](https://datatracker.ietf.org/doc/html/rfc8439).
#[derive(Clone, Eq, PartialEq)]
pub struct AuthenticationTag([u8; Self::AUTHENTICATION_TAG_SIZE]);

impl AuthenticationTag {
    pub const AUTHENTICATION_TAG_SIZE: usize = 16;

    /// Restore an `AuthenticationTag` from a fixed-size array of bytes.
    pub const fn from_data(data: [u8; Self::AUTHENTICATION_TAG_SIZE]) -> Self {
        Self(data)
    }

    /// Restore an `AuthenticationTag` from a reference to an array of bytes.
    pub fn from_data_ref(data: impl AsRef<[u8]>) -> Result<Self> {
        let data = data.as_ref();
        if data.len() != Self::AUTHENTICATION_TAG_SIZE {
            bail!("Invalid authentication tag size");
        }
        let mut arr = [0u8; Self::AUTHENTICATION_TAG_SIZE];
        arr.copy_from_slice(data.as_ref());
        Ok(Self::from_data(arr))
    }

    /// Get a reference to the fixed-size array of bytes.
    pub fn data(&self) -> &[u8; Self::AUTHENTICATION_TAG_SIZE] {
        self.into()
    }
}

/// Implements `AsRef<AuthenticationTag>` to allow self-reference.
impl AsRef<AuthenticationTag> for AuthenticationTag {
    fn as_ref(&self) -> &AuthenticationTag {
        self
    }
}

/// Implements Debug formatting to display the tag in hexadecimal format.
impl std::fmt::Debug for AuthenticationTag {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_tuple("AuthenticationTag").field(&hex::encode(self.data())).finish()
    }
}

/// Implements conversion from a reference-counted AuthenticationTag to an owned AuthenticationTag.
impl From<Rc<AuthenticationTag>> for AuthenticationTag {
    fn from(value: Rc<AuthenticationTag>) -> Self {
        (*value).clone()
    }
}

/// Implements conversion from an AuthenticationTag reference to a byte array reference.
impl<'a> From<&'a AuthenticationTag> for &'a [u8; AuthenticationTag::AUTHENTICATION_TAG_SIZE] {
    fn from(value: &'a AuthenticationTag) -> Self {
        &value.0
    }
}

/// Implements conversion from a byte slice to an AuthenticationTag.
impl From<&[u8]> for AuthenticationTag {
    fn from(data: &[u8]) -> Self {
        Self::from_data_ref(data).unwrap()
    }
}

/// Implements conversion from a fixed-size byte array to an AuthenticationTag.
impl From<[u8; Self::AUTHENTICATION_TAG_SIZE]> for AuthenticationTag {
    fn from(data: [u8; Self::AUTHENTICATION_TAG_SIZE]) -> Self {
        Self::from_data(data)
    }
}

/// Implements conversion from a byte vector to an AuthenticationTag.
impl From<Vec<u8>> for AuthenticationTag {
    fn from(data: Vec<u8>) -> Self {
        Self::from_data_ref(data).unwrap()
    }
}

/// Implements conversion from AuthenticationTag to CBOR for serialization.
impl From<AuthenticationTag> for CBOR {
    fn from(value: AuthenticationTag) -> Self {
        CBOR::to_byte_string(value.data())
    }
}

/// Implements conversion from CBOR to AuthenticationTag for deserialization.
impl TryFrom<CBOR> for AuthenticationTag {
    type Error = Error;

    fn try_from(cbor: CBOR) -> Result<Self, Self::Error> {
        let data = CBOR::try_into_byte_string(cbor)?;
        Self::from_data_ref(data)
    }
}