bc_components/symmetric/
authentication_tag.rs

1use std::rc::Rc;
2
3use anyhow::{Error, Result, bail};
4use dcbor::prelude::*;
5
6/// The authentication tag produced by the encryption process to verify message
7/// integrity.
8///
9/// An `AuthenticationTag` is a 16-byte value generated during ChaCha20-Poly1305
10/// authenticated encryption. It serves as a message authentication code (MAC)
11/// that verifies both the authenticity and integrity of the encrypted message.
12///
13/// During decryption, the tag is verified to ensure:
14/// - The message has not been tampered with (integrity)
15/// - The message was encrypted by someone who possesses the encryption key
16///   (authenticity)
17///
18/// This implementation follows the Poly1305 MAC algorithm as specified in
19/// [RFC-8439](https://datatracker.ietf.org/doc/html/rfc8439).
20#[derive(Clone, Eq, PartialEq)]
21pub struct AuthenticationTag([u8; Self::AUTHENTICATION_TAG_SIZE]);
22
23impl AuthenticationTag {
24    pub const AUTHENTICATION_TAG_SIZE: usize = 16;
25
26    /// Restore an `AuthenticationTag` from a fixed-size array of bytes.
27    pub const fn from_data(data: [u8; Self::AUTHENTICATION_TAG_SIZE]) -> Self { Self(data) }
28
29    /// Restore an `AuthenticationTag` from a reference to an array of bytes.
30    pub fn from_data_ref(data: impl AsRef<[u8]>) -> Result<Self> {
31        let data = data.as_ref();
32        if data.len() != Self::AUTHENTICATION_TAG_SIZE {
33            bail!("Invalid authentication tag size");
34        }
35        let mut arr = [0u8; Self::AUTHENTICATION_TAG_SIZE];
36        arr.copy_from_slice(data.as_ref());
37        Ok(Self::from_data(arr))
38    }
39
40    /// Get a reference to the fixed-size array of bytes.
41    pub fn data(&self) -> &[u8; Self::AUTHENTICATION_TAG_SIZE] { self.into() }
42}
43
44/// Implements `AsRef<AuthenticationTag>` to allow self-reference.
45impl AsRef<AuthenticationTag> for AuthenticationTag {
46    fn as_ref(&self) -> &AuthenticationTag { self }
47}
48
49/// Implements Debug formatting to display the tag in hexadecimal format.
50impl std::fmt::Debug for AuthenticationTag {
51    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
52        f.debug_tuple("AuthenticationTag")
53            .field(&hex::encode(self.data()))
54            .finish()
55    }
56}
57
58/// Implements conversion from a reference-counted AuthenticationTag to an owned
59/// AuthenticationTag.
60impl From<Rc<AuthenticationTag>> for AuthenticationTag {
61    fn from(value: Rc<AuthenticationTag>) -> Self { (*value).clone() }
62}
63
64/// Implements conversion from an AuthenticationTag reference to a byte array
65/// reference.
66impl<'a> From<&'a AuthenticationTag> for &'a [u8; AuthenticationTag::AUTHENTICATION_TAG_SIZE] {
67    fn from(value: &'a AuthenticationTag) -> Self { &value.0 }
68}
69
70/// Implements conversion from a byte slice to an AuthenticationTag.
71impl From<&[u8]> for AuthenticationTag {
72    fn from(data: &[u8]) -> Self { Self::from_data_ref(data).unwrap() }
73}
74
75/// Implements conversion from a fixed-size byte array to an AuthenticationTag.
76impl From<[u8; Self::AUTHENTICATION_TAG_SIZE]> for AuthenticationTag {
77    fn from(data: [u8; Self::AUTHENTICATION_TAG_SIZE]) -> Self { Self::from_data(data) }
78}
79
80/// Implements conversion from a byte vector to an AuthenticationTag.
81impl From<Vec<u8>> for AuthenticationTag {
82    fn from(data: Vec<u8>) -> Self { Self::from_data_ref(data).unwrap() }
83}
84
85/// Implements conversion from AuthenticationTag to CBOR for serialization.
86impl From<AuthenticationTag> for CBOR {
87    fn from(value: AuthenticationTag) -> Self { CBOR::to_byte_string(value.data()) }
88}
89
90/// Implements conversion from CBOR to AuthenticationTag for deserialization.
91impl TryFrom<CBOR> for AuthenticationTag {
92    type Error = Error;
93
94    fn try_from(cbor: CBOR) -> Result<Self, Self::Error> {
95        let data = CBOR::try_into_byte_string(cbor)?;
96        Self::from_data_ref(data)
97    }
98}